Lucene search

[email protected]CVE-2006-4532

HistorySep 01, 2006 - 11:04 p.m.

CVE-2006-4532

2006-09-0123:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-4532

php

remote file inclusion

yacs cms

vulnerability

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.053 Low

EPSS

Percentile

93.0%

JSON

PHP remote file inclusion vulnerability in articles/article.php in Yet Another Community System (YACS) CMS 6.6.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the context[path_to_root] parameter.

CPENameOperatorVersion
bernard_pacques:yet_another_community_system_cmsbernard pacques yet another community system cmseq6.6.1

CPE	Name	Operator	Version
bernard_pacques:yet_another_community_system_cms	bernard pacques yet another community system cms	eq	6.6.1

References

secunia.com/advisories/21680

securitytracker.com/id?1016775

www.vupen.com/english/advisories/2006/3425

www.yetanothercommunitysystem.com/yacs/articles/view.php/1664

exchange.xforce.ibmcloud.com/vulnerabilities/28682

www.exploit-db.com/exploits/2282

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.053 Low

EPSS

Percentile

93.0%

JSON

Related for CVE-2006-4532

cve1