Lucene search

[email protected]CVE-2006-6567

HistoryDec 15, 2006 - 11:28 a.m.

CVE-2006-6567

2006-12-1511:28:00

[email protected]

web.nvd.nist.gov

cve-2006-6567

php

remote file inclusion

vulnerability

knowledge base

mxbb

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

PHP remote file inclusion vulnerability in includes/kb_constants.php in the Knowledge Base (mx_kb) 2.0.2 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.

Affected configurations

NVD

Node

mxbbkb_modsMatch2.0.2

CPENameOperatorVersion
mxbb:kb_modsmxbb kb modseq2.0.2

CPE	Name	Operator	Version
mxbb:kb_mods	mxbb kb mods	eq	2.0.2

References

secunia.com/advisories/23356

www.securityfocus.com/bid/21577

www.vupen.com/english/advisories/2006/4982

exchange.xforce.ibmcloud.com/vulnerabilities/30856

www.exploit-db.com/exploits/2924

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

Related for CVE-2006-6567

cvelist1 nvd1