Lucene search

[email protected]CVE-2006-6958

HistoryJan 29, 2007 - 4:28 p.m.

CVE-2006-6958

2007-01-2916:28:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2006-6958

php

remote file inclusion

vulnerability

phpbluedragon 2.9.1

security

nvd

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.098 Low

EPSS

Percentile

94.8%

JSON

Multiple PHP remote file inclusion vulnerabilities in phpBlueDragon 2.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter to (1) team_admin.php, (2) rss_admin.php, (3) manual_admin.php, and (4) forum_admin.php in includes/root_modules/, a different set of vectors than CVE-2006-3076.

CPENameOperatorVersion
phpbluedragon:phpbluedragon_cmsphpbluedragon phpbluedragon cmseq2.9.1

CPE	Name	Operator	Version
phpbluedragon:phpbluedragon_cms	phpbluedragon phpbluedragon cms	eq	2.9.1

References

packetstormsecurity.org/0606-exploits/phpbluedragon-2.txt

securityreason.com/securityalert/2193

www.osvdb.org/27676

www.osvdb.org/27677

www.osvdb.org/27678

www.osvdb.org/27679

www.securityfocus.com/archive/1/438238/100/100/threaded

www.securityfocus.com/bid/18609

exchange.xforce.ibmcloud.com/vulnerabilities/27152

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.098 Low

EPSS

Percentile

94.8%

JSON

Related for CVE-2006-6958

securityvulns1 cve2 prion1