Lucene search

[email protected]CVE-2006-5222

HistoryOct 10, 2006 - 9:07 p.m.

CVE-2006-5222

2006-10-1021:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-5222

php

remote file inclusion

dimension

phpbb

security vulnerability

nvd

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.086 Low

EPSS

Percentile

94.4%

JSON

Multiple PHP remote file inclusion vulnerabilities in Dimension of phpBB 0.2.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/themen_portal_mitte.php or (2) includes/logger_engine.php.

CPENameOperatorVersion
dimension_of_phpbb:dimension_of_phpbbdimension of phpbbeq0.2.6

CPE	Name	Operator	Version
dimension_of_phpbb:dimension_of_phpbb	dimension of phpbb	eq	0.2.6

References

secunia.com/advisories/22287

www.securityfocus.com/bid/20367

www.vupen.com/english/advisories/2006/3923

exchange.xforce.ibmcloud.com/vulnerabilities/29361

www.exploit-db.com/exploits/2481

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.086 Low

EPSS

Percentile

94.4%

JSON