Lucene search
HistoryAug 17, 2006 - 9:04 p.m.
CVE-2006-4215
php
remote file inclusion
vulnerability
zen cart
security
nvd
7.6 High
AI Score
Confidence
High
5.1 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.071 Low
EPSS
Percentile
94.0%
PHP remote file inclusion vulnerability in index.php in Zen Cart 1.3.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the autoLoadConfig[999][0][loadFile] parameter.
Affected configurations
Node
zen_cartzen_cartRange≤1.3.0.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| zen_cart:zen_cart | zen cart | le | 1.3.0.2 |
Related
nessus
nessus
Zen Cart autoload_func.php autoLoadConfig Array Remote File Inclusion
2006-08-17 00:00:00
cvelist
cvelist
CVE-2006-4215
2006-08-17 21:00:00
nvd
nvd
CVE-2006-4215
2006-08-17 21:04:00
7.6 High
AI Score
Confidence
High
5.1 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.071 Low
EPSS
Percentile
94.0%
Related for CVE-2006-4215