Lucene search

[email protected]CVE-2006-6341

HistoryDec 07, 2006 - 1:28 a.m.

CVE-2006-6341

2006-12-0701:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-6341

php

remote file inclusion

vulnerability

mg.applanix

nvd

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.153 Low

EPSS

Percentile

95.8%

JSON

Multiple PHP remote file inclusion vulnerabilities in mg.applanix 1.3.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the apx_root_path parameter to (1) act/act_check_access.php, (2) dsp/dsp_form_booking_ctl.php, and (3) dsp/dsp_bookings.php.

CPENameOperatorVersion
mg.blattl:mg.applanixmg.blattl mg.applanixle1.3.1

CPE	Name	Operator	Version
mg.blattl:mg.applanix	mg.blattl mg.applanix	le	1.3.1

References

securityreason.com/securityalert/1972

www.attrition.org/pipermail/vim/2006-December/001163.html

www.attrition.org/pipermail/vim/2006-December/001164.html

www.securityfocus.com/archive/1/452138/100/200/threaded

www.securityfocus.com/bid/21147

www.exploit-db.com/exploits/2794

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.153 Low

EPSS

Percentile

95.8%

JSON