{"id": "CVE-2006-4893", "bulletinFamily": "NVD", "title": "CVE-2006-4893", "description": "PHP remote file inclusion vulnerability in bb_usage_stats/includes/bb_usage_stats.php in phpBB XS 0.58 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter, a different vector than CVE-2006-4780.", "published": "2006-09-19T22:07:00", "modified": "2018-10-17T21:40:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4893", "reporter": "cve@mitre.org", "references": ["http://www.osvdb.org/28918", "http://www.securityfocus.com/archive/1/446108/100/0/threaded", "http://secunia.com/advisories/21970", "http://www.securityfocus.com/archive/1/452469/100/200/threaded", "http://securityreason.com/securityalert/1617", "http://www.securityfocus.com/bid/20046", "http://www.vupen.com/english/advisories/2006/3654", "http://nyubicrew.org/adv/Noge_adv_02.txt"], "cvelist": ["CVE-2006-4893"], "type": "cve", "lastseen": "2019-05-29T18:08:34", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "a049fc4120e0ea6b40a03917aeea14c8"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "33642a8473b25272eee8d6958b873ffe"}, {"key": "cvss", "hash": "0b053db5674b87efff89989a8a720df3"}, {"key": "cvss2", "hash": "7f7c77d2dde7216a66d00321bd5828f8"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "c9c2c32bb635b0b0e8deec0527c72473"}, {"key": "href", "hash": "ba3739508f43f497a758fbe1624688d3"}, {"key": "modified", "hash": "146c1faaf0bf567d3e488b4618330266"}, {"key": "published", "hash": "d0a58d357c584afa42586863b3426789"}, {"key": "references", "hash": "f7817685685886555067af2884ad7797"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "f725468995cecff0828d07c710355e80"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "de44759164664e3b4085add9277e89feae1766ffd2fa23a816d8d1ee4491c33e", "viewCount": 1, "enchantments": {"score": {"value": 6.8, "vector": "NONE", "modified": "2019-05-29T18:08:34"}, "dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:28918"]}], "modified": "2019-05-29T18:08:34"}, "vulnersScore": 6.8}, "objectVersion": "1.3", "cpe": [], "affectedSoftware": [{"name": "phpbb_xs phpbb_xs", "operator": "le", "version": "0.58"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": [], "cwe": ["NVD-CWE-Other"]}

{"osvdb": [{"lastseen": "2017-04-28T13:20:25", "bulletinFamily": "software", "description": "## Vulnerability Description\nphpBB XS contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to bb_usage_stats.php not properly sanitizing user input supplied to the phpbb_root_path variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Technical Description\nThis vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).\n## Solution Description\nUpgrade to version 058a or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nphpBB XS contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to bb_usage_stats.php not properly sanitizing user input supplied to the phpbb_root_path variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/[path]/bb_usage_stats/include/bb_usage_stats.php?phpbb_root_path=[evilcode]\n## References:\nVendor URL: http://www.phpbbxs.eu/\n[Secunia Advisory ID:21970](https://secuniaresearch.flexerasoftware.com/advisories/21970/)\nOther Advisory URL: http://nyubicrew.org/adv/Noge_adv_02.txt\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0255.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-11/0470.html\nFrSIRT Advisory: ADV-2006-3654\n[CVE-2006-4893](https://vulners.com/cve/CVE-2006-4893)\nBugtraq ID: 20046\n", "modified": "2006-09-15T10:03:52", "published": "2006-09-15T10:03:52", "href": "https://vulners.com/osvdb/OSVDB:28918", "id": "OSVDB:28918", "type": "osvdb", "title": "phpBB XS bb_usage_stats.php phpbb_root_path Variable Remote File Inclusion", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}