Lucene search
HistoryMar 06, 2007 - 1:19 a.m.
CVE-2006-7127
cve-2006-7127
php
remote file inclusion
jaf cms 4.0
security vulnerability
nvd
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.032 Low
EPSS
Percentile
91.2%
Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the main_dir parameter to (1) forum/main.php and (2) forum/headlines.php.
Affected configurations
Node
salims_softhousejaf_cmsMatch4.0rc1
ORsalims_softhousejaf_cmsMatch4.0rc2
| CPE | Name | Operator | Version |
|---|---|---|---|
| salims_softhouse:jaf_cms | salims softhouse jaf cms | eq | 4.0 |
Related
nvd
nvd
CVE-2006-7127
2007-03-06 01:19:00
CVE-2008-1609
2008-04-01 16:44:00
cvelist
cvelist
CVE-2006-7127
2007-03-06 01:00:00
CVE-2008-1609
2008-04-01 16:00:00
prion
prion
Remote file inclusion
2008-04-01 16:44:00
cve
cve
CVE-2008-1609
2008-04-01 16:44:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.032 Low
EPSS
Percentile
91.2%
Related for CVE-2006-7127