Lucene search
HistoryFeb 23, 2007 - 3:28 a.m.
CVE-2006-7026
cve-2006-7026
php
remote file inclusion
aardvark topsites
security vulnerability
7.6 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.038 Low
EPSS
Percentile
91.9%
PHP remote file inclusion vulnerability in sources/join.php in Aardvark Topsites PHP 4.2.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[path] parameter, a different vector than CVE-2006-2149.
Affected configurations
Node
avaticaardvark_topsites_phpRange≤4.2.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| avatic:aardvark_topsites_php | avatic aardvark topsites php | le | 4.2.2 |
Related
nvd
nvd
CVE-2006-7026
2007-02-23 03:28:00
CVE-2006-2149
2006-05-03 10:02:00
cvelist
cvelist
CVE-2006-7026
2007-02-23 01:00:00
CVE-2006-2149
2006-05-03 10:00:00
prion
prion
Remote file inclusion
2006-05-03 10:02:00
nessus
nessus
Aardvark Topsites CONFIG[path] Parameter Remote File Inclusion
2006-05-08 00:00:00
openvas
openvas
Aardvark Topsites <= 4.2.2 Remote File Inclusion Vulnerability
2008-08-22 00:00:00
cve
cve
CVE-2006-2149
2006-05-03 10:02:00
7.6 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.038 Low
EPSS
Percentile
91.9%
Related for CVE-2006-7026