Lucene search

[email protected]CVE-2006-6360

HistoryDec 07, 2006 - 11:28 a.m.

CVE-2006-6360

2006-12-0711:28:00

[email protected]

web.nvd.nist.gov

cve-2006-6360

php

remote file inclusion

vulnerability

activate.php

php upload center 2.0

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.144 Low

EPSS

Percentile

95.8%

JSON

PHP remote file inclusion vulnerability in activate.php in PHP Upload Center 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the footerpage parameter.

Affected configurations

NVD

Node

sergey_korostelphp_upload_centerMatch2.0

CPENameOperatorVersion
sergey_korostel:php_upload_centersergey korostel php upload centereq2.0

CPE	Name	Operator	Version
sergey_korostel:php_upload_center	sergey korostel php upload center	eq	2.0

References

secunia.com/advisories/23204

securitytracker.com/id?1017329

www.securityfocus.com/bid/21412

www.vupen.com/english/advisories/2006/4837

exchange.xforce.ibmcloud.com/vulnerabilities/30688

exchange.xforce.ibmcloud.com/vulnerabilities/30690

www.exploit-db.com/exploits/2886

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.144 Low

EPSS

Percentile

95.8%

JSON

Related for CVE-2006-6360

nvd1 cvelist1