Lucene search

MitreCVE-2006-3987

HistoryAug 05, 2006 - 12:04 a.m.

CVE-2006-3987

2006-08-0500:04:00

mitre

web.nvd.nist.gov

cve

2006

3987

php

remote file inclusion

vulnerabilities

knusperleicht filemanager

nvd

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.112

Percentile

95.2%

JSON

Multiple PHP remote file inclusion vulnerabilities in index.php in Knusperleicht FileManager 1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) dwl_download_path or (2) dwl_include_path parameters.

Affected configurations

Nvd

Node

knusperleichtknusperleicht_filemanagerRange≤1.2

VendorProductVersionCPE
knusperleichtknusperleicht_filemanager*cpe:2.3:a:knusperleicht:knusperleicht_filemanager:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
knusperleicht	knusperleicht_filemanager	*	cpe:2.3:a:knusperleicht:knusperleicht_filemanager::::::::

References

secunia.com/advisories/21294

securityreason.com/securityalert/1327

www.securityfocus.com/archive/1/441813/100/0/threaded

www.securityfocus.com/bid/19270

www.vupen.com/english/advisories/2006/3089

exchange.xforce.ibmcloud.com/vulnerabilities/28128

www.exploit-db.com/exploits/2104

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.112

Percentile

95.2%

JSON

Related for CVE-2006-3987