Lucene search

[email protected]CVE-2006-5480

HistoryOct 24, 2006 - 8:07 p.m.

CVE-2006-5480

2006-10-2420:07:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2006-5480

php

remote file inclusion

vulnerability

2le.net

castor

web builder

8.4 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.041 Low

EPSS

Percentile

92.1%

JSON

PHP remote file inclusion vulnerability in lib/rs.php in 2le.net Castor PHP Web Builder 1.1.1 allows remote attackers to execute arbitrary PHP code via the rootpath parameter.

CPENameOperatorVersion
castor:php_web_buildercastor php web buildereq1.1.1

CPE	Name	Operator	Version
castor:php_web_builder	castor php web builder	eq	1.1.1

References

secunia.com/advisories/22527

www.securityfocus.com/bid/20658

www.vupen.com/english/advisories/2006/4143

exchange.xforce.ibmcloud.com/vulnerabilities/29704

www.exploit-db.com/exploits/2606

8.4 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.041 Low

EPSS

Percentile

92.1%

JSON