Lucene search

PRIOn knowledge basePRION:CVE-2006-1800

HistoryApr 18, 2006 - 10:02 a.m.

Directory traversal

2006-04-1810:02:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.039 Low

EPSS

Percentile

91.7%

JSON

Directory traversal vulnerability in posts.php in SimpleBBS 1.0.6 through 1.1 allows remote attackers to include and execute arbitrary files via “…” sequences in the language cookie, as demonstrated by by injecting the code into the gl_session cookie of users.php, which is stored in error.log.

CPENameOperatorVersion
simplebbseq1.1
simplebbseq1.0.6
simplebbseq1.0.7

Name	Operator	Version
simplebbs	eq	1.1
simplebbs	eq	1.0.6
simplebbs	eq	1.0.7

References

downloads.securityfocus.com/vulnerabilities/exploits/SimpleBBS-RCE-posts.php.pl

www.securityfocus.com/archive/1/430872

www.securityfocus.com/bid/17501

www.worlddefacers.de/Public/WD-SMPL.txt

exchange.xforce.ibmcloud.com/vulnerabilities/25788

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.039 Low

EPSS

Percentile

91.7%

JSON

Related for PRION:CVE-2006-1800

cve1