Lucene search

[email protected]CVE-2006-6419

HistoryDec 10, 2006 - 11:28 a.m.

CVE-2006-6419

2006-12-1011:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-6419

jce admin component

ryan demmer

joomla content editor

remote attack

arbitrary file inclusion

nvd

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

84.9%

JSON

jce.php in the JCE Admin Component in Ryan Demmer Joomla Content Editor (JCE) 1.1.0 beta 2 and earlier for Joomla! (com_jce) allows remote attackers to include and possibly execute arbitrary local files via the (1) plugin or (2) file parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

CPENameOperatorVersion
ryan_demmer:joomla_content_editorryan demmer joomla content editorle1.1.0_beta2

CPE	Name	Operator	Version
ryan_demmer:joomla_content_editor	ryan demmer joomla content editor	le	1.1.0_beta2

References

secunia.com/advisories/23160

www.securityfocus.com/bid/21491

www.vupen.com/english/advisories/2006/4903

exchange.xforce.ibmcloud.com/vulnerabilities/30798

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.012 Low

EPSS

Percentile

84.9%

JSON

Related for CVE-2006-6419

nessus1 cvelist1