Lucene search

[email protected]CVE-2006-5310

HistoryOct 17, 2006 - 4:07 p.m.

CVE-2006-5310

2006-10-1716:07:00

CWE-94

[email protected]

web.nvd.nist.gov

php

remote file inclusion

vulnerability

j-pierre dezelus

phpmyconferences

phpmyconference

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.092 Low

EPSS

Percentile

94.7%

JSON

PHP remote file inclusion vulnerability in common/visiteurs/include/menus.inc.php in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter.

Affected configurations

NVD

Node

j-pierre_dezelusles_visiteursMatch2.0.1

phpmyconferencesphpmyconferencesRange≤8.0.2

CPENameOperatorVersion
j-pierre_dezelus:les_visiteursj-pierre dezelus les visiteurseq2.0.1
phpmyconferences:phpmyconferencesphpmyconferencesle8.0.2

CPE	Name	Operator	Version
j-pierre_dezelus:les_visiteurs	j-pierre dezelus les visiteurs	eq	2.0.1
phpmyconferences:phpmyconferences	phpmyconferences	le	8.0.2

References

secunia.com/advisories/22411

securityreason.com/securityalert/1733

www.securityfocus.com/archive/1/448547/100/0/threaded

www.securityfocus.com/bid/20505

www.vupen.com/english/advisories/2006/4045

exchange.xforce.ibmcloud.com/vulnerabilities/29514

www.exploit-db.com/exploits/2535

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.092 Low

EPSS

Percentile

94.7%

JSON

Related for CVE-2006-5310

cvelist1 nvd1 nessus1