Search...

CVE-2006-6224

2006-12-02T02:28:00

ID CVE-2006-6224
Type cve
Reporter cve@mitre.org
Modified 2017-07-29T01:29:00

Description

PHP remote file inclusion vulnerability in the installation scripts in Puntal before 1.8.5 allows remote attackers to execute arbitrary PHP code via the GLOBALS array.

JSON Vulners Source

Initial Source

{"id": "CVE-2006-6224", "bulletinFamily": "NVD", "title": "CVE-2006-6224", "description": "PHP remote file inclusion vulnerability in the installation scripts in Puntal before 1.8.5 allows remote attackers to execute arbitrary PHP code via the GLOBALS array.", "published": "2006-12-02T02:28:00", "modified": "2017-07-29T01:29:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6224", "reporter": "cve@mitre.org", "references": ["http://www.vupen.com/english/advisories/2006/4767", "http://www.puntal.fr/forums/viewtopic.php?id=610", "https://exchange.xforce.ibmcloud.com/vulnerabilities/30585", "http://www.securityfocus.com/bid/21357"], "cvelist": ["CVE-2006-6224"], "type": "cve", "lastseen": "2019-05-29T18:08:35", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "c3261c26c2e6ea1f385b0e00f570b6ed"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "81610d1c355cd73930fbfd73d45aa548"}, {"key": "cpe23", "hash": "11dade271a76ec7aa68046431cd6a2cb"}, {"key": "cvelist", "hash": "944bcf254f236f20ff47e3b5669c3b0a"}, {"key": "cvss", "hash": "0b053db5674b87efff89989a8a720df3"}, {"key": "cvss2", "hash": "7f7c77d2dde7216a66d00321bd5828f8"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "a170cd3511726593ceb9d310ae114184"}, {"key": "href", "hash": "7cba76e3dc359119bc41a70b321dc7d7"}, {"key": "modified", "hash": "81fbf4dc6a3bd69489aeb37b6c16d22d"}, {"key": "published", "hash": "50d2611b3f2da6c8ba39a6ecd1afe665"}, {"key": "references", "hash": "2548ef0f7e1416bcf66e784b0018ca28"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "604c678134b40ea1a3dea34c8e02bc92"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "2fbdedd04d3d19551ee1d58078461248e4c9d2eaa961a532764b9b503f1fb322", "viewCount": 0, "enchantments": {"score": {"value": 7.1, "vector": "NONE", "modified": "2019-05-29T18:08:35"}, "dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:30504"]}], "modified": "2019-05-29T18:08:35"}, "vulnersScore": 7.1}, "objectVersion": "1.3", "cpe": ["cpe:/a:puntal:puntal:1.8.3", "cpe:/a:puntal:puntal:1.8.2", "cpe:/a:puntal:puntal:1.8.4"], "affectedSoftware": [{"name": "puntal puntal", "operator": "eq", "version": "1.8.2"}, {"name": "puntal puntal", "operator": "eq", "version": "1.8.3"}, {"name": "puntal puntal", "operator": "eq", "version": "1.8.4"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:puntal:puntal:1.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:puntal:puntal:1.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:puntal:puntal:1.8.2:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"]}

{"osvdb": [{"lastseen": "2017-04-28T13:20:26", "bulletinFamily": "software", "description": "## Solution Description\nUpgrade to version 1.8.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor URL: http://puntal.fr/\nVendor Specific News/Changelog Entry: http://www.puntal.fr/forums/viewtopic.php?id=610\nMail List Post: http://archives.neohapsis.com/archives/apps/freshmeat/2006-11/0022.html\nISS X-Force ID: 30585\nFrSIRT Advisory: ADV-2006-4767\n[CVE-2006-6224](https://vulners.com/cve/CVE-2006-6224)\nBugtraq ID: 21357\n", "modified": "2006-11-22T05:10:19", "published": "2006-11-22T05:10:19", "href": "https://vulners.com/osvdb/OSVDB:30504", "id": "OSVDB:30504", "title": "Puntal Unspecified Installation Script Issue", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}