Lucene search

[email protected]CVE-2006-5126

HistoryOct 03, 2006 - 4:03 a.m.

CVE-2006-5126

2006-10-0304:03:00

[email protected]

web.nvd.nist.gov

cve-2006-5126

php

remote file inclusion

index.php

john himmelman

powerportal

nvd

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.056 Low

EPSS

Percentile

93.3%

JSON

PHP remote file inclusion vulnerability in index.php in John Himmelman (aka DaRk2k1) PowerPortal 1.3a allows remote attackers to execute arbitrary PHP code via a URL in the file_name[] parameter.

Affected configurations

NVD

Node

powerportalpowerportalMatch1.3a

CPENameOperatorVersion
powerportal:powerportalpowerportaleq1.3a

CPE	Name	Operator	Version
powerportal:powerportal	powerportal	eq	1.3a

References

secunia.com/advisories/22209

www.securityfocus.com/bid/20262

exchange.xforce.ibmcloud.com/vulnerabilities/29264

www.exploit-db.com/exploits/2454

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.056 Low

EPSS

Percentile

93.3%

JSON

Related for CVE-2006-5126

nvd1 cvelist1