Lucene search

[email protected]CVE-2006-7147

HistoryMar 07, 2007 - 8:19 p.m.

CVE-2006-7147

2007-03-0720:19:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2006-7147

php

remote file inclusion

vulnerability

phpbb

import tools mod

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.02 Low

EPSS

Percentile

88.9%

JSON

PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBB Import Tools Mod 0.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

Affected configurations

NVD

Node

phpbbimport_toolsMatch0.1.3

phpbbimport_toolsMatch0.1.4

CPENameOperatorVersion
phpbb:import_toolsphpbb import toolseq0.1.3
phpbb:import_toolsphpbb import toolseq0.1.4

CPE	Name	Operator	Version
phpbb:import_tools	phpbb import tools	eq	0.1.3
phpbb:import_tools	phpbb import tools	eq	0.1.4

References

www.securityfocus.com/bid/20525

exchange.xforce.ibmcloud.com/vulnerabilities/29512

www.exploit-db.com/exploits/2531

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.02 Low

EPSS

Percentile

88.9%

JSON

Related for CVE-2006-7147

cvelist1 nvd1 nessus1