Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2006-5421
HistoryOct 20, 2006 - 2:07 p.m.

CVE-2006-5421

2006-10-2014:07:00
[email protected]
web.nvd.nist.gov
21
wsn forum
remote code execution
cve-2006-5421
nvd
security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.066 Low

EPSS

Percentile

93.8%

JSON

WSN Forum 1.3.4 and earlier allows remote attackers to execute arbitrary PHP code via a modified pathname in the pathtoconfig parameter that points to an avatar image that contains PHP code, which is then accessed from prestart.php. NOTE: this issue has been labeled remote file inclusion, but that label only applies to the attack, not the underlying vulnerability.

Affected configurations

NVD
Node
wsn_forumwsn_forumRange1.3.4
CPENameOperatorVersion
wsn_forum:wsn_forumwsn forumle1.3.4

Related

cvelist 1
nvd 1
cvelist
cvelist
CVE-2006-5421
2006-10-20 10:00:00
nvd
nvd
CVE-2006-5421
2006-10-20 14:07:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.066 Low

EPSS

Percentile

93.8%

JSON
Related for CVE-2006-5421
cvelist1nvd1