Lucene search

[email protected]CVE-2006-5473

HistoryOct 24, 2006 - 8:07 p.m.

CVE-2006-5473

2006-10-2420:07:00

[email protected]

web.nvd.nist.gov

cve-2006-5473

php

remote file inclusion

softerra

developer library

vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.0%

JSON

PHP remote file inclusion vulnerability in Description.php in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via the lib_dir parameter. NOTE: this issue is disputed by CVE as of 20061023, since there is no Description.php file included in the product, and the existing “Description” file contains documentation, not functioning code

Affected configurations

NVD

Node

softerraphp_developer_libraryRange≤1.5.3

CPENameOperatorVersion
softerra:php_developer_librarysofterra php developer libraryle1.5.3

CPE	Name	Operator	Version
softerra:php_developer_library	softerra php developer library	le	1.5.3

References

attrition.org/pipermail/vim/2006-October/001090.html

securityreason.com/securityalert/1763

www.attrition.org/pipermail/vim/2006-October/001094.html

www.securityfocus.com/archive/1/449355/100/0/threaded

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.0%

JSON

Related for CVE-2006-5473

cvelist1 nvd1