Lucene search

PRIOn knowledge basePRION:CVE-2006-1746

HistoryApr 12, 2006 - 10:02 p.m.

Directory traversal

2006-04-1222:02:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.2%

JSON

Directory traversal vulnerability in PHPList 2.10.2 and earlier allows remote attackers to include arbitrary local files via the (1) GLOBALS[database_module] or (2) GLOBALS[language_module] parameters, which overwrite the underlying $GLOBALS variable.

CPENameOperatorVersion
phplisteq2.8.2
phplisteq2.6.3
phplisteq2.6.5
phplisteq2.6
phplisteq2.8.12
phplisteq2.6.2
phplisteq2.6.4
phplisteq2.8.7
phplisteq2.10.1
phplisteq2.6.1

Name	Operator	Version
phplist	eq	2.8.2
phplist	eq	2.6.3
phplist	eq	2.6.5
phplist	eq	2.6
phplist	eq	2.8.12
phplist	eq	2.6.2
phplist	eq	2.6.4
phplist	eq	2.8.7
phplist	eq	2.10.1
phplist	eq	2.6.1

Rows per page:

1-10 of 131

References

downloads.securityfocus.com/vulnerabilities/exploits/PHPList-lfi.php

securitytracker.com/id?1015889

tincan.co.uk/?lid=851

www.securityfocus.com/archive/1/430475/30/30/threaded

www.securityfocus.com/archive/1/430597

www.securityfocus.com/archive/1/448411

www.securityfocus.com/bid/17429

www.vupen.com/english/advisories/2006/1296

exchange.xforce.ibmcloud.com/vulnerabilities/25701

7.2 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.013 Low

EPSS

Percentile

85.2%

JSON

Related for PRION:CVE-2006-1746