Lucene search

[email protected]NVD:CVE-2006-4428

HistoryAug 29, 2006 - 12:04 a.m.

CVE-2006-4428

2006-08-2900:04:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

High

EPSS

0.153

Percentile

95.9%

JSON

PHP remote file inclusion vulnerability in index.php in Jupiter CMS 1.1.5 allows remote attackers to execute arbitrary PHP code via a URL in the template parameter. NOTE: CVE disputes this claim, since the $template variable is defined as a static value before it is referenced in an include statement

Affected configurations

Nvd

Node

jupiter_cmsjupiter_cmsMatch1.1.5

VendorProductVersionCPE
jupiter_cmsjupiter_cms1.1.5cpe:2.3:a:jupiter_cms:jupiter_cms:1.1.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
jupiter_cms	jupiter_cms	1.1.5	cpe:2.3:a:jupiter_cms:jupiter_cms:1.1.5:::::::*

References

www.attrition.org/pipermail/vim/2006-August/000996.html

www.osvdb.org/28298

www.securityfocus.com/archive/1/444421/100/0/threaded

www.securityfocus.com/archive/1/444729/100/0/threaded

www.securityfocus.com/bid/19721

exchange.xforce.ibmcloud.com/vulnerabilities/28589

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

High

EPSS

0.153

Percentile

95.9%

JSON

Related for NVD:CVE-2006-4428

exploitdb1 cve1 cvelist1