Lucene search

[email protected]CVE-2006-5923

HistoryNov 15, 2006 - 3:07 p.m.

CVE-2006-5923

2006-11-1515:07:00

[email protected]

web.nvd.nist.gov

cve-2006-5923

php

remote file inclusion vulnerability

gtcatalog

gimescripts shopping catalog

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.051 Low

EPSS

Percentile

93.0%

JSON

PHP remote file inclusion vulnerability in index.php in Chris Mac gtcatalog (aka GimeScripts Shopping Catalog) 0.9.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the custom parameter.

Affected configurations

NVD

Node

chris_macgimescripts_shopping_catalogRange≤0.9.1

CPENameOperatorVersion
chris_mac:gimescripts_shopping_catalogchris mac gimescripts shopping catalogle0.9.1

CPE	Name	Operator	Version
chris_mac:gimescripts_shopping_catalog	chris mac gimescripts shopping catalog	le	0.9.1

References

www.securityfocus.com/archive/1/452114/100/200/threaded

www.securityfocus.com/bid/20979

www.exploit-db.com/exploits/2745

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.051 Low

EPSS

Percentile

93.0%

JSON

Related for CVE-2006-5923

cvelist1 nvd1