Lucene search

[email protected]CVE-2006-6869

HistoryDec 31, 2006 - 5:00 a.m.

CVE-2006-6869

2006-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2006

6869

directory traversal

maxdev

mdforum

vulnerability

php

security

nvd

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.013 Low

EPSS

Percentile

85.7%

JSON

Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the PNSVlang cookie to error.php, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.

CPENameOperatorVersion
maxdev:mdforummaxdev mdforumle2.0.1

CPE	Name	Operator	Version
maxdev:mdforum	maxdev mdforum	le	2.0.1

References

www.securityfocus.com/bid/21837

www.vupen.com/english/advisories/2007/0017

exchange.xforce.ibmcloud.com/vulnerabilities/31215

www.exploit-db.com/exploits/3057

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.013 Low

EPSS

Percentile

85.7%

JSON