Lucene search

[email protected]NVD:CVE-2006-5095

HistorySep 29, 2006 - 9:07 p.m.

CVE-2006-5095

2006-09-2921:07:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.012

Percentile

85.0%

JSON

PHP remote file inclusion vulnerability in index.php in MyPhotos 0.1.3b beta allows remote attackers to execute arbitrary PHP code via the includesdir parameter. NOTE: this issue is disputed by CVE on 20060927, since the includesdir is defined before being used when the product is installed according to the provided instructions

Affected configurations

Nvd

Node

myphotosmyphotosMatch0.1.3b_beta

VendorProductVersionCPE
myphotosmyphotos0.1.3b_betacpe:2.3:a:myphotos:myphotos:0.1.3b_beta:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
myphotos	myphotos	0.1.3b_beta	cpe:2.3:a:myphotos:myphotos:0.1.3b_beta:::::::*

References

attrition.org/pipermail/vim/2006-September/001057.html

securityreason.com/securityalert/1656

www.securityfocus.com/archive/1/446876/100/0/threaded

www.securityfocus.com/bid/20160

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.012

Percentile

85.0%

JSON

Related for NVD:CVE-2006-5095

cve1 cvelist1