Lucene search

[email protected]CVE-2006-6633

HistoryDec 18, 2006 - 11:28 a.m.

CVE-2006-6633

2006-12-1811:28:00

[email protected]

web.nvd.nist.gov

cve-2006-6633

php

remote file inclusion

yapbb

vulnerability

nvd

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.051 Low

EPSS

Percentile

92.9%

JSON

PHP remote file inclusion vulnerability in include/yapbb_session.php in YapBB 1.2 Beta2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[include_Bit] parameter.

Affected configurations

NVD

Node

yapbbyapbbRange≤1.2_beta2

yapbbyapbbMatch1.1

yapbbyapbbMatch1.2

CPENameOperatorVersion
yapbb:yapbbyapbble1.2_beta2
yapbb:yapbbyapbbeq1.1
yapbb:yapbbyapbbeq1.2

CPE	Name	Operator	Version
yapbb:yapbb	yapbb	le	1.2_beta2
yapbb:yapbb	yapbb	eq	1.1
yapbb:yapbb	yapbb	eq	1.2

References

www.securityfocus.com/bid/20615

exchange.xforce.ibmcloud.com/vulnerabilities/29667

www.exploit-db.com/exploits/2594

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.051 Low

EPSS

Percentile

92.9%

JSON

Related for CVE-2006-6633

nvd1 cvelist1