Lucene search

PRIOn knowledge basePRION:CVE-2006-0824

HistoryFeb 21, 2006 - 11:02 p.m.

Code injection

2006-02-2123:02:00

PRIOn knowledge base

www.prio-n.com

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.147 Low

EPSS

Percentile

95.6%

JSON

Multiple unspecified vulnerabilities in lib-common.php in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 allow remote attackers to include arbitrary local files and execute arbitrary code via (1) absolute paths in unspecified parameters and (2) the language cookie, as demonstrated for code execution using error.log.

CPENameOperatorVersion
geeklogeq1.3.11-sr3
geeklogeq1.3.11-sr2
geeklogeq1.4.0
geeklogeq1.3.11-sr1
geeklogeq1.3.11

Name	Operator	Version
geeklog	eq	1.3.11-sr3
geeklog	eq	1.3.11-sr2
geeklog	eq	1.4.0
geeklog	eq	1.3.11-sr1
geeklog	eq	1.3.11

References

secunia.com/advisories/18920

www.geeklog.net/article.php/geeklog-1.4.0sr1

www.gulftech.org/?node=research&article_id=00102-02192006

www.osvdb.org/23349

www.securityfocus.com/archive/1/425506/100/0/threaded

www.securityfocus.com/bid/16755

www.vupen.com/english/advisories/2006/0661

8.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.147 Low

EPSS

Percentile

95.6%

JSON

Related for PRION:CVE-2006-0824