Lucene search

[email protected]CVE-2006-7104

HistoryMar 03, 2007 - 9:19 p.m.

CVE-2006-7104

2007-03-0321:19:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2006-7104

php

remote file inclusion

vulnerability

htmltemplate.php

mostlycontent editor

mostlyce

mambo 4.5.4

nvd

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.6%

JSON

PHP remote file inclusion vulnerability in htmltemplate.php in the Chad Auld MOStlyContent Editor (MOStlyCE) as created on May 2006, a component for Mambo 4.5.4, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Affected configurations

NVD

Node

mambomostlyceMatch4.5.4

CPENameOperatorVersion
mambo:mostlycemambo mostlyceeq4.5.4

CPE	Name	Operator	Version
mambo:mostlyce	mambo mostlyce	eq	4.5.4

References

securityreason.com/securityalert/2363

www.securityfocus.com/archive/1/448786

www.securityfocus.com/bid/20549

exchange.xforce.ibmcloud.com/vulnerabilities/29598

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.6%

JSON

Related for CVE-2006-7104

cvelist1 nvd1