Lucene search

PRIOn knowledge basePRION:CVE-2006-0881

HistoryFeb 24, 2006 - 11:02 a.m.

Remote file inclusion

2006-02-2411:02:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.099 Low

EPSS

Percentile

94.7%

JSON

Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php in Noah’s Classifieds 1.3, when register_globals is enabled, allow remote attackers to include arbitrary PHP files via the (1) upperTemplate and (2) lowerTemplate parameters, as demonstrated using the lowerTemplate parameter to index.php.

CPENameOperatorVersion
noahs_classifiedseq1.3
noahs_classifiedseq1.2

CPE	Name	Operator	Version
	noahs_classifieds	eq	1.3
	noahs_classifieds	eq	1.2

References

securitytracker.com/id?1015667

www.kapda.ir/advisory-268.html

www.securityfocus.com/archive/1/425783/100/0/threaded

www.securityfocus.com/bid/16780

www.vupen.com/english/advisories/2006/0703

exchange.xforce.ibmcloud.com/vulnerabilities/24899

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.099 Low

EPSS

Percentile

94.7%

JSON

Related for PRION:CVE-2006-0881