Lucene search

[email protected]CVE-2006-5280

HistoryOct 13, 2006 - 7:07 p.m.

CVE-2006-5280

2006-10-1319:07:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2006-5280

php

remote file inclusion

leicestershire communityportals 1.0

security vulnerability

7.7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.032 Low

EPSS

Percentile

91.1%

JSON

PHP remote file inclusion vulnerability in includes/import-archive.php in Leicestershire communityPortals 1.0 build 20051018 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter.

CPENameOperatorVersion
cuttlefish_multimedia_ltd.:leicestershire_communityportalscuttlefish multimedia ltd. leicestershire communityportalsle1.build_20051018

CPE	Name	Operator	Version
cuttlefish_multimedia_ltd.:leicestershire_communityportals	cuttlefish multimedia ltd. leicestershire communityportals	le	1.build_20051018

References

secunia.com/advisories/22381

www.osvdb.org/29670

www.securityfocus.com/bid/20479

www.vupen.com/english/advisories/2006/4010

exchange.xforce.ibmcloud.com/vulnerabilities/29487

www.exploit-db.com/exploits/2516

7.7 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.032 Low

EPSS

Percentile

91.1%

JSON

Related for CVE-2006-5280

cve2