Lucene search

[email protected]CVE-2006-4630

HistorySep 08, 2006 - 8:04 p.m.

CVE-2006-4630

2006-09-0820:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-4630

php

remote file inclusion

jscript.php

sky gunning myspeach

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.1 Low

EPSS

Percentile

94.9%

JSON

PHP remote file inclusion vulnerability in jscript.php in Sky GUNNING MySpeach 3.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the my_ms[root] parameter.

CPENameOperatorVersion
sky_gunning:myspeachsky gunning myspeachle3.0.2

CPE	Name	Operator	Version
sky_gunning:myspeach	sky gunning myspeach	le	3.0.2

References

secunia.com/advisories/21777

www.comscripts.com/scripts/php.myspeach.1386.html

www.securityfocus.com/bid/19851

www.vupen.com/english/advisories/2006/3468

exchange.xforce.ibmcloud.com/vulnerabilities/28721

www.exploit-db.com/exploits/2301

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.1 Low

EPSS

Percentile

94.9%

JSON

Related for CVE-2006-4630

cve2 prion2 securityvulns1