Lucene search

[email protected]CVE-2006-5539

HistoryOct 26, 2006 - 5:07 p.m.

CVE-2006-5539

2006-10-2617:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-5539

php

remote file inclusion

ueberproject management system

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.1 Low

EPSS

Percentile

94.8%

JSON

PHP remote file inclusion vulnerability in login/secure.php in UeberProject Management System 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cfg[homepath] parameter.

CPENameOperatorVersion
ueberproject_management_system:ueberproject_management_systemueberproject management systemle1.0

CPE	Name	Operator	Version
ueberproject_management_system:ueberproject_management_system	ueberproject management system	le	1.0

References

secunia.com/advisories/22565

www.osvdb.org/30015

www.securityfocus.com/bid/20719

www.vupen.com/english/advisories/2006/4186

exchange.xforce.ibmcloud.com/vulnerabilities/29775

www.exploit-db.com/exploits/2640

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.1 Low

EPSS

Percentile

94.8%

JSON