Lucene search

[email protected]CVE-2006-4190

HistoryAug 17, 2006 - 1:04 a.m.

CVE-2006-4190

2006-08-1701:04:00

[email protected]

web.nvd.nist.gov

cve-2006-4190

directory traversal

autohtml

php-nuke

vulnerability

security

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Directory traversal vulnerability in autohtml.php in the AutoHTML module for PHP-Nuke allows local users to include arbitrary files via a … (dot dot) in the name parameter for a modload operation.

Affected configurations

NVD

Node

php-nukeautohtml_moduleMatch2.0

CPENameOperatorVersion
php-nuke:autohtml_modulephp-nuke autohtml moduleeq2.0

CPE	Name	Operator	Version
php-nuke:autohtml_module	php-nuke autohtml module	eq	2.0

References

securityreason.com/securityalert/1398

www.lezr.com/vb/showthread.php?p=104324

www.securityfocus.com/archive/1/443289/100/0/threaded

www.securityfocus.com/bid/19525

exchange.xforce.ibmcloud.com/vulnerabilities/28388

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2006-4190

cvelist2 nvd2 prion1 cve1