Lucene search

[email protected]CVE-2006-6863

HistoryJan 04, 2007 - 10:00 p.m.

CVE-2006-6863

2007-01-0422:00:00

[email protected]

web.nvd.nist.gov

cve-2006-6863

enigma2

enigma wordpress bridge

php

remote file inclusion

vulnerability

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.153 Low

EPSS

Percentile

95.9%

JSON

PHP remote file inclusion vulnerability in the Enigma2 plugin (Enigma2.php) in Enigma WordPress Bridge allows remote attackers to execute arbitrary PHP code via a URL in the boarddir parameter. NOTE: CVE disputes this issue, since $boarddir is set to a fixed value

Affected configurations

NVD

Node

enigmawordpress_bridge

CPENameOperatorVersion
enigma:wordpress_bridgeenigma wordpress bridgeeq*

CPE	Name	Operator	Version
enigma:wordpress_bridge	enigma wordpress bridge	eq	*

References

securityreason.com/securityalert/2093

securitytracker.com/id?017459

www.attrition.org/pipermail/vim/2007-January/001207.html

www.securityfocus.com/archive/1/455555/100/0/threaded

www.securityfocus.com/bid/21826

www.exploit-db.com/exploits/3051

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.153 Low

EPSS

Percentile

95.9%

JSON

Related for CVE-2006-6863

nvd1 patchstack1 cvelist1