Lucene search

[email protected]CVE-2006-4551

HistorySep 06, 2006 - 12:04 a.m.

CVE-2006-4551

2006-09-0600:04:00

[email protected]

web.nvd.nist.gov

cve-2006-4551

chxo feedsplitter

eval injection

remote execution

php code

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.7%

JSON

Eval injection vulnerability in CHXO Feedsplitter 2006-01-21 allows remote attackers to execute arbitrary PHP code via (1) the file specified as the value of the format parameter, and possibly (2) the RSS feed.

Affected configurations

NVD

Node

chxofeedsplitterMatch2006-01-21

CPENameOperatorVersion
chxo:feedsplitterchxo feedsplittereq2006-01-21

CPE	Name	Operator	Version
chxo:feedsplitter	chxo feedsplitter	eq	2006-01-21

References

secunia.com/advisories/22000

www.securityfocus.com/archive/1/444805/100/0/threaded

www.securityfocus.com/bid/19779

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.7%

JSON

Related for CVE-2006-4551

cvelist1 nvd1 nessus1