CVE-2006-3531

2006-07-1221:00:00

mitre

www.cve.org

7.1 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

83.0%

JSON

includes/editor/insert_image.php in Pivot 1.30 RC2 and earlier creates the authentication credentials from parameters, which allows remote attackers to obtain privileges and upload arbitrary files via modified (1) pass and (2) session parameters, and (3) pass and (4) userlevel indices of the (a) Pivot_Vars[] or (b) Users[] array parameters.

References

retrogod.altervista.org/pivot_130RC2_xpl.html

secunia.com/advisories/20962

securityreason.com/securityalert/1214

www.osvdb.org/27126

www.securityfocus.com/archive/1/439495/100/0/threaded

www.securityfocus.com/bid/18881

www.vupen.com/english/advisories/2006/2744

exchange.xforce.ibmcloud.com/vulnerabilities/27671