Lucene search

K
cve[email protected]CVE-2006-7026
HistoryFeb 23, 2007 - 3:28 a.m.

CVE-2006-7026

2007-02-2303:28:00
web.nvd.nist.gov
21
cve-2006-7026
php
remote file inclusion
aardvark topsites
security vulnerability

7.6 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.038 Low

EPSS

Percentile

91.9%

PHP remote file inclusion vulnerability in sources/join.php in Aardvark Topsites PHP 4.2.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[path] parameter, a different vector than CVE-2006-2149.

Affected configurations

NVD
Node
avaticaardvark_topsites_phpRange4.2.2

7.6 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.038 Low

EPSS

Percentile

91.9%

Related for CVE-2006-7026