Lucene search

[email protected]CVE-2006-5191

HistoryOct 10, 2006 - 4:06 a.m.

CVE-2006-5191

2006-10-1004:06:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2006-5191

nivisec static topics

phpbb

remote file inclusion

php

vulnerability

8.4 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.064 Low

EPSS

Percentile

93.6%

JSON

PHP remote file inclusion vulnerability in includes/functions_static_topics.php in the Nivisec Static Topics module for phpBB 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

CPENameOperatorVersion
phpbb:phpbbphpbble1.0

CPE	Name	Operator	Version
phpbb:phpbb	phpbb	le	1.0

References

secunia.com/advisories/22269

www.nivisec.com/article.php?l=vi&ar=20

www.osvdb.org/29506

www.securityfocus.com/bid/20353

www.vupen.com/english/advisories/2006/3916

exchange.xforce.ibmcloud.com/vulnerabilities/29347

www.exploit-db.com/exploits/2477/

8.4 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.064 Low

EPSS

Percentile

93.6%

JSON