Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2006-2685

Опубликовано: 31 мая 2006
Источник: nvd
CVSS2: 4
EPSS Высокий

Описание

PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_stat_common.php, and (3) includes/base_include.inc.php.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:kevin_johnson:basic_analysis_and_security_engine:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:kevin_johnson:basic_analysis_and_security_engine:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:kevin_johnson:basic_analysis_and_security_engine:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:kevin_johnson:basic_analysis_and_security_engine:1.2.4:*:*:*:*:*:*:*

EPSS

Процентиль: 99%
0.85605
Высокий

4 Medium

CVSS2

Дефекты

CWE-94

Связанные уязвимости

ubuntu логотип

CVE-2006-2685

ubuntu
больше 19 лет назад

PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_stat_common.php, and (3) includes/base_include.inc.php.

debian логотип

CVE-2006-2685

debian
больше 19 лет назад

PHP remote file inclusion vulnerability in Basic Analysis and Security ...

github логотип

GHSA-h78c-2562-6c4v

github
больше 3 лет назад

PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_stat_common.php, and (3) includes/base_include.inc.php.

EPSS

Процентиль: 99%
0.85605
Высокий

4 Medium

CVSS2

Дефекты

CWE-94