CVE-2006-4864

2006-09-1918:00:00

mitre

www.cve.org

7.5 High

AI Score

Confidence

High

0.044 Low

EPSS

Percentile

92.4%

JSON

PHP remote file inclusion vulnerability in index.php in All Enthusiast ReviewPost 2.5 allows remote attackers to execute arbitrary PHP code via a URL in the RP_PATH parameter.

References

secunia.com/advisories/21971

securityreason.com/securityalert/1603

www.nyubicrew.org/adv/home_edition2001-adv-01.txt

www.securityfocus.com/archive/1/446106/100/0/threaded

www.vupen.com/english/advisories/2006/3658

exchange.xforce.ibmcloud.com/vulnerabilities/28992