Lucene search

[email protected]CVE-2006-4373

HistoryAug 26, 2006 - 9:04 p.m.

CVE-2006-4373

2006-08-2621:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

php

remote file inclusion

vulnerability

pslash 0.70

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.168 Low

EPSS

Percentile

96.0%

JSON

PHP remote file inclusion vulnerability in modules/visitors2/include/config.inc.php in pSlash 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter.

CPENameOperatorVersion
derek_leung:pslashderek leung pslasheq0.70

CPE	Name	Operator	Version
derek_leung:pslash	derek leung pslash	eq	0.70

References

securityreason.com/securityalert/1449

securitytracker.com/id?1016752

www.attrition.org/pipermail/vim/2006-August/000993.html

www.securityfocus.com/archive/1/444204/100/0/threaded

www.securityfocus.com/bid/19693

exchange.xforce.ibmcloud.com/vulnerabilities/28543

www.exploit-db.com/exploits/2249

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.168 Low

EPSS

Percentile

96.0%

JSON

Related for CVE-2006-4373

prion1 cve1