Lucene search

MitreCVE-2006-6727

HistoryDec 26, 2006 - 9:28 p.m.

CVE-2006-6727

2006-12-2621:28:00

CWE-94

mitre

web.nvd.nist.gov

cve

2006

6727

php

remote file inclusion

vulnerability

inertianews

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.01

Percentile

83.9%

JSON

PHP remote file inclusion vulnerability in inertianews_class.php in inertianews 0.02 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.

Affected configurations

Nvd

Node

inertianewsinertianewsRange≤0.02beta

VendorProductVersionCPE
inertianewsinertianews*cpe:2.3:a:inertianews:inertianews:*:beta:*:*:*:*:*:*

Vendor	Product	Version	CPE
inertianews	inertianews	*	cpe:2.3:a:inertianews:inertianews::beta::::::*

References

www.vupen.com/english/advisories/2006/5130

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.01

Percentile

83.9%

JSON

Related for CVE-2006-6727