Lucene search

[email protected]CVE-2006-3777

HistoryJul 24, 2006 - 12:19 p.m.

CVE-2006-3777

2006-07-2412:19:00

CWE-94

[email protected]

web.nvd.nist.gov

cve

2006

3777

php

remote file inclusion

index.php

idevspot

phplinkexchange

nvd

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.08 Low

EPSS

Percentile

94.2%

JSON

PHP remote file inclusion vulnerability in index.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.

CPENameOperatorVersion
idevspot:phplinkexchangeidevspot phplinkexchangeeq1.0

CPE	Name	Operator	Version
idevspot:phplinkexchange	idevspot phplinkexchange	eq	1.0

References

pridels0.blogspot.com/2006/07/phplinkexchange-remote-file-inclusion.html

secunia.com/advisories/21126

www.osvdb.org/27410

www.securityfocus.com/bid/19083

www.vupen.com/english/advisories/2006/2900

exchange.xforce.ibmcloud.com/vulnerabilities/27851

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.08 Low

EPSS

Percentile

94.2%

JSON