Lucene search

[email protected]CVE-2006-4827

HistorySep 15, 2006 - 10:07 p.m.

CVE-2006-4827

2006-09-1522:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

107

cve-2006-4827

php

remote file inclusion

vmist downstat 1.8

security vulnerability

nvd

7.8 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.093 Low

EPSS

Percentile

94.6%

JSON

Multiple PHP remote file inclusion vulnerabilities in Vmist Downstat 1.8 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the art parameter to (1) admin.php, (2) chart.php, (3) modes.php, or (4) stats.php.

CPENameOperatorVersion
vmist:downstatvmist downstateq1.5
vmist:downstatvmist downstatle1.8
vmist:downstatvmist downstateq1.6
vmist:downstatvmist downstateq1.4
vmist:downstatvmist downstateq1.3
vmist:downstatvmist downstateq1.7
vmist:downstatvmist downstateq1.2

CPE	Name	Operator	Version
vmist:downstat	vmist downstat	eq	1.5
vmist:downstat	vmist downstat	le	1.8
vmist:downstat	vmist downstat	eq	1.6
vmist:downstat	vmist downstat	eq	1.4
vmist:downstat	vmist downstat	eq	1.3
vmist:downstat	vmist downstat	eq	1.7
vmist:downstat	vmist downstat	eq	1.2

References

secunia.com/advisories/21914

www.securityfocus.com/bid/20007

www.vupen.com/english/advisories/2006/3594

exchange.xforce.ibmcloud.com/vulnerabilities/28916

www.exploit-db.com/exploits/2359

7.8 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.093 Low

EPSS

Percentile

94.6%

JSON

Related for CVE-2006-4827

checkpoint_advisories2