Lucene search
K

4 matches found

NVD
NVD
added 2006/11/15 3:7 p.m.19 views

CVE-2006-5899

PHP remote file inclusion vulnerability in install.php3 in @cid stats 2.3 allows remote attackers to execute arbitrary PHP code via a URL in the repertoire parameter. NOTE: this issue has been disputed by a third party, who states that install.php3 is supposed to be deleted after installation and...

7.5CVSS7.5AI score0.02053EPSS
Exploits0References2
CVE
CVE
added 2006/11/15 3:0 p.m.45 views

CVE-2006-5899

The CVE-2006-5899 issue is a PHP remote file inclusion in @cid stats 2.3 via the repertoire parameter of install.php3, enabling remote code execution. The root cause is the presence of install.php3 that can be invoked with a URL parameter to include arbitrary PHP code. The notes in sources indica...

7.5CVSS7.8AI score0.02053EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2006/11/15 3:0 p.m.18 views

CVE-2006-5899

PHP remote file inclusion vulnerability in install.php3 in @cid stats 2.3 allows remote attackers to execute arbitrary PHP code via a URL in the repertoire parameter. NOTE: this issue has been disputed by a third party, who states that install.php3 is supposed to be deleted after installation and...

7.5AI score0.02053EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2006/11/06 12:0 a.m.73 views

@cid Stats 2.3 - 'Install.php3' Remote File Inclusion

source: https://www.securityfocus.com/bid/20925/info The '@cid stats' program is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other...

7.4AI score
Exploits0
Rows per page
Query Builder