Lucene search

[email protected]NVD:CVE-2006-0887

HistoryFeb 25, 2006 - 11:02 a.m.

CVE-2006-0887

2006-02-2511:02:00

CWE-94

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.029

Percentile

90.8%

JSON

Eval injection vulnerability in sessions.inc in PHP Base Library (PHPLib) before 7.4a, when index.php3 from the PHPLib distribution is available on the server, allows remote attackers to execute arbitrary PHP code by including a base64-encoded representation of the code in a cookie. NOTE: this description was significantly updated on 20060605 to reflect new details after an initial vague advisory.

Affected configurations

Nvd

Node

phplib_teamphplibMatch7.4

VendorProductVersionCPE
phplib_teamphplib7.4cpe:2.3:a:phplib_team:phplib:7.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phplib_team	phplib	7.4	cpe:2.3:a:phplib_team:phplib:7.4:::::::*

References

secunia.com/advisories/16902

securitytracker.com/id?1016123

sourceforge.net/project/shownotes.php?group_id=31885&release_id=396091

www.gulftech.org/?node=research&article_id=00107-03052006

www.osvdb.org/23466

www.securityfocus.com/bid/16801

www.vupen.com/english/advisories/2006/0720

exchange.xforce.ibmcloud.com/vulnerabilities/24873

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.029

Percentile

90.8%

JSON

Related for NVD:CVE-2006-0887

cvelist1 cve1 prion1 exploitdb1 exploitpack1 zdt1