Lucene search

[email protected]CVE-2006-5224

HistoryOct 10, 2006 - 9:07 p.m.

CVE-2006-5224

2006-10-1021:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-5224

php

remote file inclusion

includes/logger_engine.php

dimitri seitz

security suite

ip logger

dwingmods

phpbb

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.086 Low

EPSS

Percentile

94.4%

JSON

PHP remote file inclusion vulnerability in includes/logger_engine.php in Dimitri Seitz Security Suite IP Logger 1.0.0 in dwingmods for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

CPENameOperatorVersion
dimitri_seitz:security_suite_ip_loggerdimitri seitz security suite ip loggereq1.0.0

CPE	Name	Operator	Version
dimitri_seitz:security_suite_ip_logger	dimitri seitz security suite ip logger	eq	1.0.0

References

secunia.com/advisories/22290

www.securityfocus.com/bid/20370

www.vupen.com/english/advisories/2006/3926

exchange.xforce.ibmcloud.com/vulnerabilities/29321

www.exploit-db.com/exploits/2480

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.086 Low

EPSS

Percentile

94.4%

JSON

Related for CVE-2006-5224

cve1