Lucene search

K
cve[email protected]CVE-2006-5910
HistoryNov 15, 2006 - 3:07 p.m.

CVE-2006-5910

2006-11-1515:07:00
NVD-CWE-Other
web.nvd.nist.gov
20
cve-2006-5910
php
remote file inclusion
campware campsite
arbitrary code execution
url
g_documentroot parameter
bugreporter
thankyou.php
feedback
implementation
management
priv

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.03 Low

EPSS

Percentile

90.7%

Multiple PHP remote file inclusion vulnerabilities in Campware Campsite before 20061110 allow remote attackers to execute arbitrary PHP code via a URL in the g_documentRoot parameter to (1) bugreporter/thankyou.php and (2) feedback/thankyou.php in implementation/management/priv/.

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.03 Low

EPSS

Percentile

90.7%