Lucene search

[email protected]NVD:CVE-2006-3997

HistoryAug 05, 2006 - 1:04 a.m.

CVE-2006-3997

2006-08-0501:04:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

High

EPSS

0.168

Percentile

96.1%

JSON

PHP remote file inclusion vulnerability in hsList.php in WoWRoster (aka World of Warcraft Roster) 1.5.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter.

Affected configurations

Nvd

Node

wowrosterwowrosterMatch1.5

wowrosterwowrosterMatch1.5.1

VendorProductVersionCPE
wowrosterwowroster1.5cpe:2.3:a:wowroster:wowroster:1.5:*:*:*:*:*:*:*
wowrosterwowroster1.5.1cpe:2.3:a:wowroster:wowroster:1.5.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
wowroster	wowroster	1.5	cpe:2.3:a:wowroster:wowroster:1.5:::::::*
wowroster	wowroster	1.5.1	cpe:2.3:a:wowroster:wowroster:1.5.1:::::::*

References

secunia.com/advisories/21299

securityreason.com/securityalert/1329

securitytracker.com/id?1016631

www.securityfocus.com/archive/1/441820/100/0/threaded

www.securityfocus.com/bid/19269

www.wowroster.net/Forums/viewtopic/t=333.html

exchange.xforce.ibmcloud.com/vulnerabilities/28101

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

High

EPSS

0.168

Percentile

96.1%

JSON

Related for NVD:CVE-2006-3997

checkpoint_advisories1 cve1 cvelist1 exploitdb1