Lucene search

[email protected]CVE-2006-6877

HistoryDec 31, 2006 - 5:00 a.m.

CVE-2006-6877

2006-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-6877

directory traversal

matteo lucarelli

3editor cms

nvd

7.5 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.8%

JSON

Directory traversal vulnerability in index.php in Matteo Lucarelli 3editor CMS 0.42 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via a … (dot dot) in the page parameter.

CPENameOperatorVersion
matteo_lucarelli:3editor_cmsmatteo lucarelli 3editor cmsle0.42

CPE	Name	Operator	Version
matteo_lucarelli:3editor_cms	matteo lucarelli 3editor cms	le	0.42

References

secunia.com/advisories/23478

www.vupen.com/english/advisories/2006/5144

www.exploit-db.com/exploits/2982

7.5 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.8%

JSON

Related for CVE-2006-6877

cvelist1