CVE-2006-3316

Опубликовано: 29 июн. 2006

Источник: nvd

CVSS2: 5.1

EPSS Низкий

Описание

Multiple PHP remote file inclusion vulnerabilities in phpRaid 3.0.5 allow remote attackers to execute arbitrary code via a URL in the phpraid_dir parameter to (1) logs.php and (2) users.php, a different set of vectors than CVE-2006-3116.

Ссылки

http://secunia.com/advisories/20200
Patch
Vendor Advisory
http://secunia.com/secunia_research/2006-47/advisory/
Patch
Vendor Advisory
http://www.osvdb.org/26903
http://www.osvdb.org/26904
http://www.securityfocus.com/bid/18719
https://exchange.xforce.ibmcloud.com/vulnerabilities/27465
http://secunia.com/advisories/20200
Patch
Vendor Advisory
http://secunia.com/secunia_research/2006-47/advisory/
Patch
Vendor Advisory
http://www.osvdb.org/26903
http://www.osvdb.org/26904
http://www.securityfocus.com/bid/18719
https://exchange.xforce.ibmcloud.com/vulnerabilities/27465

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:spiffyjr:phpraid:3.0.5:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.0489

Низкий

5.1 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-w344-cgvx-8fq3

github

почти 4 года назад