Lucene search

[email protected]CVE-2006-4918

HistorySep 21, 2006 - 1:07 a.m.

CVE-2006-4918

2006-09-2101:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cwe-94

php

remote code execution

security vulnerability

web application security

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.153 Low

EPSS

Percentile

95.8%

JSON

Multiple PHP remote file inclusion vulnerabilities in Simple Discussion Board 0.1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) env_dir parameter to (a) blank.php, (b) admin.php, or © builddb.php, and the (2) script_root parameter to blank.php.

CPENameOperatorVersion
simple_discussion_board:simple_discussion_boardsimple discussion boardeq0.1.0

CPE	Name	Operator	Version
simple_discussion_board:simple_discussion_board	simple discussion board	eq	0.1.0

References

secunia.com/advisories/21990

www.osvdb.org/29041

www.securityfocus.com/bid/20103

www.vupen.com/english/advisories/2006/3735

exchange.xforce.ibmcloud.com/vulnerabilities/29025

www.exploit-db.com/exploits/2396

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.153 Low

EPSS

Percentile

95.8%

JSON