ID CVE-2006-6224Type cveReporter NVDModified 2017-07-28T21:29:24
Description
PHP remote file inclusion vulnerability in the installation scripts in Puntal before 1.8.5 allows remote attackers to execute arbitrary PHP code via the GLOBALS array.
{"id": "CVE-2006-6224", "bulletinFamily": "NVD", "title": "CVE-2006-6224", "description": "PHP remote file inclusion vulnerability in the installation scripts in Puntal before 1.8.5 allows remote attackers to execute arbitrary PHP code via the GLOBALS array.", "published": "2006-12-01T21:28:00", "modified": "2017-07-28T21:29:24", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6224", "reporter": "NVD", "references": ["http://www.vupen.com/english/advisories/2006/4767", "http://www.puntal.fr/forums/viewtopic.php?id=610", "https://exchange.xforce.ibmcloud.com/vulnerabilities/30585", "http://www.securityfocus.com/bid/21357"], "cvelist": ["CVE-2006-6224"], "type": "cve", "lastseen": "2017-07-29T11:21:42", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:puntal:puntal:1.8.3", "cpe:/a:puntal:puntal:1.8.2", "cpe:/a:puntal:puntal:1.8.4"], "cvelist": ["CVE-2006-6224"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "PHP remote file inclusion vulnerability in the installation scripts in Puntal before 1.8.5 allows remote attackers to execute arbitrary PHP code via the GLOBALS array.", "edition": 1, "enchantments": {}, "hash": "19900049064538c5a18936fde69fae5069a15e3a32586dc51e1189ab45fedf65", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "038c96ef8f3c814c5698d5c265f20f7d", "key": "published"}, {"hash": "944bcf254f236f20ff47e3b5669c3b0a", "key": "cvelist"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "6191de728b63122da82ed061b888fc78", "key": "references"}, {"hash": "604c678134b40ea1a3dea34c8e02bc92", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "7cba76e3dc359119bc41a70b321dc7d7", "key": "href"}, {"hash": "ad46886e9dab336f0a90ae46f55e2a63", "key": "modified"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "a170cd3511726593ceb9d310ae114184", "key": "description"}, {"hash": "81610d1c355cd73930fbfd73d45aa548", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6224", "id": "CVE-2006-6224", "lastseen": "2016-09-03T07:56:32", "modified": "2011-03-07T21:45:38", "objectVersion": "1.2", "published": "2006-12-01T21:28:00", "references": ["http://www.vupen.com/english/advisories/2006/4767", "http://www.puntal.fr/forums/viewtopic.php?id=610", "http://xforce.iss.net/xforce/xfdb/30585", "http://www.securityfocus.com/bid/21357"], "reporter": "NVD", "scanner": [], "title": "CVE-2006-6224", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T07:56:32"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "81610d1c355cd73930fbfd73d45aa548"}, {"key": "cvelist", "hash": "944bcf254f236f20ff47e3b5669c3b0a"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "a170cd3511726593ceb9d310ae114184"}, {"key": "href", "hash": "7cba76e3dc359119bc41a70b321dc7d7"}, {"key": "modified", "hash": "df1ac9f3acd243aac3e97c7896a5aae3"}, {"key": "published", "hash": "038c96ef8f3c814c5698d5c265f20f7d"}, {"key": "references", "hash": "2548ef0f7e1416bcf66e784b0018ca28"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "604c678134b40ea1a3dea34c8e02bc92"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "7e64062c07bdf0d862cad87b6092bff77f21e7b38797fd831061961764945ecc", "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE", "modified": "2017-07-29T11:21:42"}, "dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:30504"]}], "modified": "2017-07-29T11:21:42"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "cpe": ["cpe:/a:puntal:puntal:1.8.3", "cpe:/a:puntal:puntal:1.8.2", "cpe:/a:puntal:puntal:1.8.4"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}
{"osvdb": [{"lastseen": "2017-04-28T13:20:26", "bulletinFamily": "software", "description": "## Solution Description\nUpgrade to version 1.8.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor URL: http://puntal.fr/\nVendor Specific News/Changelog Entry: http://www.puntal.fr/forums/viewtopic.php?id=610\nMail List Post: http://archives.neohapsis.com/archives/apps/freshmeat/2006-11/0022.html\nISS X-Force ID: 30585\nFrSIRT Advisory: ADV-2006-4767\n[CVE-2006-6224](https://vulners.com/cve/CVE-2006-6224)\nBugtraq ID: 21357\n", "modified": "2006-11-22T05:10:19", "published": "2006-11-22T05:10:19", "href": "https://vulners.com/osvdb/OSVDB:30504", "id": "OSVDB:30504", "title": "Puntal Unspecified Installation Script Issue", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
