Lucene search

[email protected]CVE-2006-5257

HistoryOct 12, 2006 - 10:07 p.m.

CVE-2006-5257

2006-10-1222:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-5257

php

remote file inclusion

ciamos content management system

cms

security vulnerability

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.051 Low

EPSS

Percentile

92.8%

JSON

PHP remote file inclusion vulnerability in modules/forum/include/config.php in Ciamos Content Management System (CMS) 0.9.6b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_cache_path parameter.

CPENameOperatorVersion
ciamos:ciamos_cmsciamos ciamos cmsle0.9.6b

CPE	Name	Operator	Version
ciamos:ciamos_cms	ciamos ciamos cms	le	0.9.6b

References

www.securityfocus.com/bid/20403

exchange.xforce.ibmcloud.com/vulnerabilities/29398

www.exploit-db.com/exploits/2489

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.051 Low

EPSS

Percentile

92.8%

JSON