Lucene search

[email protected]CVE-2006-4648

HistorySep 08, 2006 - 9:04 p.m.

CVE-2006-4648

2006-09-0821:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

182

cve-2006-4648

php

remote file inclusion

vulnerability

bingo news

bp news

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.031 Low

EPSS

Percentile

91.0%

JSON

PHP remote file inclusion vulnerability in bp_ncom.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter.

CPENameOperatorVersion
bingo_news:bingo_newsbingo newsle3.01

CPE	Name	Operator	Version
bingo_news:bingo_news	bingo news	le	3.01

References

secunia.com/advisories/21804

securitytracker.com/id?1016811

www.securityfocus.com/archive/1/445506/100/0/threaded

www.securityfocus.com/bid/19877

www.vupen.com/english/advisories/2006/3494

exchange.xforce.ibmcloud.com/vulnerabilities/28769

www.exploit-db.com/exploits/2312

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.031 Low

EPSS

Percentile

91.0%

JSON

Related for CVE-2006-4648

prion1 cve1 securityvulns1