Lucene search

[email protected]CVE-2006-5865

HistoryNov 11, 2006 - 1:07 a.m.

CVE-2006-5865

2006-11-1101:07:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2006-5865

php

remote file inclusion

myalbum

vulnerability

security

nvd

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.092 Low

EPSS

Percentile

94.6%

JSON

PHP remote file inclusion vulnerability in language.inc.php in MyAlbum 3.02 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the langs_dir parameter.

CPENameOperatorVersion
damien_benier:myalbumdamien benier myalbumle3.02

CPE	Name	Operator	Version
damien_benier:myalbum	damien benier myalbum	le	3.02

References

secunia.com/advisories/22619

www.osvdb.org/30280

www.securityfocus.com/archive/1/452140

www.securityfocus.com/bid/21187

www.vupen.com/english/advisories/2006/4427

exchange.xforce.ibmcloud.com/vulnerabilities/30169

www.exploit-db.com/exploits/2747

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.092 Low

EPSS

Percentile

94.6%

JSON