Lucene search

PRIOn knowledge basePRION:CVE-2006-1707

HistoryApr 11, 2006 - 10:02 a.m.

Code injection

2006-04-1110:02:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

79.8%

JSON

index.php in Shopweezle 2.0 allows remote attackers to include arbitrary local files via the url parameter.

CPENameOperatorVersion
shopweezleeq2.0.0-personal
shopweezleeq2.0.0-professionalplus
shopweezleeq2.0
shopweezleeq2.0.0-professional

Name	Operator	Version
shopweezle	eq	2.0.0-personal
shopweezle	eq	2.0.0-professionalplus
shopweezle	eq	2.0
shopweezle	eq	2.0.0-professional

References

www.osvdb.org/24474

exchange.xforce.ibmcloud.com/vulnerabilities/25725

pridels0.blogspot.com/2006/04/shopweezle-20-multiple-vuln.html

7.2 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

79.8%

JSON

Related for PRION:CVE-2006-1707

cve1