Lucene search

[email protected]CVE-2006-4061

HistoryAug 10, 2006 - 12:04 a.m.

CVE-2006-4061

2006-08-1000:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-4061

php

remote file inclusion

index.php

thomas pequet

phpprintanalyzer 1.1

register_globals

nvd

security vulnerability

url parameter

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.086 Low

EPSS

Percentile

94.4%

JSON

PHP remote file inclusion vulnerability in index.php in Thomas Pequet phpPrintAnalyzer 1.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the rep_par_rapport_racine parameter. NOTE: this issue has been disputed by third party researchers, stating that the rep_par_rapport_racine variable is initialized before use

CPENameOperatorVersion
thomas_pequet:phpprintanalyzerthomas pequet phpprintanalyzereq1.1

CPE	Name	Operator	Version
thomas_pequet:phpprintanalyzer	thomas pequet phpprintanalyzer	eq	1.1

References

archives.neohapsis.com/archives/bugtraq/2006-08/0305.html

securitytracker.com/id?1016652

www.osvdb.org/29133

www.securityfocus.com/archive/1/442492/100/0/threaded

www.securityfocus.com/bid/19397

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.086 Low

EPSS

Percentile

94.4%

JSON