Lucene search

[email protected]CVE-2006-7045

HistoryFeb 24, 2007 - 12:28 a.m.

CVE-2006-7045

2007-02-2400:28:00

[email protected]

web.nvd.nist.gov

cve-2006-7045

php

remote file inclusion

clan manager pro

cmpro

vulnerability

exploit

security

nvd

code execution

url

third party sources

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.7%

JSON

PHP remote file inclusion vulnerability in Clan Manager Pro (CMPRO) 1.1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the (1) rootpath and possibly (2) sitepath parameters to (a) cmpro.ext/comment.core.inc.php and (b) cmpro.intern/comment.core.inc.php. NOTE: the provenance of this information is unknown; details are obtained from third party sources.

Affected configurations

NVD

Node

cmpro_teamclan_manager_proRange≤1.1.0

CPENameOperatorVersion
cmpro_team:clan_manager_procmpro team clan manager prole1.1.0

CPE	Name	Operator	Version
cmpro_team:clan_manager_pro	cmpro team clan manager pro	le	1.1.0

References

www.osvdb.org/26224

www.vupen.com/english/advisories/2006/2195

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.7%

JSON

Related for CVE-2006-7045

cvelist1 nvd1