Lucene search

[email protected]CVE-2006-5418

HistoryOct 20, 2006 - 2:07 p.m.

CVE-2006-5418

2006-10-2014:07:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2006-5418

php

remote file inclusion

pbpbb

search engines

searchindexer

phpbb

nvd

7.8 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.081 Low

EPSS

Percentile

94.2%

JSON

PHP remote file inclusion vulnerability in archive/archive_topic.php in pbpbb archive for search engines (SearchIndexer) (aka phpBBSEI) for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

CPENameOperatorVersion
phpbb:searchindexerphpbb searchindexereq*

CPE	Name	Operator	Version
phpbb:searchindexer	phpbb searchindexer	eq	*

References

secunia.com/advisories/22443

securityreason.com/securityalert/1751

www.securityfocus.com/archive/1/448621/100/0/threaded

www.securityfocus.com/bid/20571

www.vupen.com/english/advisories/2006/4037

exchange.xforce.ibmcloud.com/vulnerabilities/29569

www.exploit-db.com/exploits/2549

7.8 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.081 Low

EPSS

Percentile

94.2%

JSON

Related for CVE-2006-5418

nessus1