Lucene search

[email protected]CVE-2006-6553

HistoryDec 14, 2006 - 6:28 p.m.

CVE-2006-6553

2006-12-1418:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-6553

php

remote file inclusion

vulnerability

newssuite 1.03

mxbb

nvd

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.066 Low

EPSS

Percentile

93.7%

JSON

PHP remote file inclusion vulnerability in includes/newssuite_constants.php in the NewsSuite 1.03 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter.

CPENameOperatorVersion
mxbb:mxbb_newssuitemxbb mxbb newssuiteeq1.03

CPE	Name	Operator	Version
mxbb:mxbb_newssuite	mxbb mxbb newssuite	eq	1.03

References

secunia.com/advisories/23358

www.securityfocus.com/bid/21573

www.vupen.com/english/advisories/2006/4981

exchange.xforce.ibmcloud.com/vulnerabilities/30855

www.exploit-db.com/exploits/2925

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.066 Low

EPSS

Percentile

93.7%

JSON