Lucene search

[email protected]CVE-2006-6023

HistoryNov 21, 2006 - 11:07 p.m.

CVE-2006-6023

2006-11-2123:07:00

[email protected]

web.nvd.nist.gov

cve-2006-6023

php

remote file inclusion

vulnerability

bloo 1.0

bill roberts

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.0%

JSON

PHP remote file inclusion vulnerability in phoo.base.php in Bill Roberts Bloo 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the descriptorFileList parameter. NOTE: this issue is disputed by CVE since $descriptorFileList is used in a function definition within phoo.base.php

Affected configurations

NVD

Node

blooblooMatch1.0

CPENameOperatorVersion
bloo:blooblooeq1.0

CPE	Name	Operator	Version
bloo:bloo	bloo	eq	1.0

References

securityreason.com/securityalert/1893

www.attrition.org/pipermail/vim/2006-November/001137.html

www.securityfocus.com/archive/1/451818/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/30336

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.0%

JSON

Related for CVE-2006-6023

cvelist1 nvd1