CVE-2006-3556

Опубликовано: 13 июл. 2006

Источник: nvd

CVSS2: 6.8

EPSS Средний

Описание

PHP remote file inclusion vulnerability in extcalendar.php in Mohamed Moujami ExtCalendar 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

Ссылки

http://advisories.echo.or.id/adv/adv36-matdhule-2006.txt
Exploit
Vendor Advisory
http://securityreason.com/securityalert/1227
http://www.securityfocus.com/archive/1/439451/100/0/threaded
http://www.securityfocus.com/archive/1/440451/100/0/threaded
http://www.securityfocus.com/archive/1/440870/100/0/threaded
http://www.securityfocus.com/bid/18876
Exploit
http://www.securityfocus.com/bid/19042
http://www.vupen.com/english/advisories/2006/2711
https://exchange.xforce.ibmcloud.com/vulnerabilities/27633
http://advisories.echo.or.id/adv/adv36-matdhule-2006.txt
Exploit
Vendor Advisory
http://securityreason.com/securityalert/1227
http://www.securityfocus.com/archive/1/439451/100/0/threaded
http://www.securityfocus.com/archive/1/440451/100/0/threaded
http://www.securityfocus.com/archive/1/440870/100/0/threaded
http://www.securityfocus.com/bid/18876
Exploit
http://www.securityfocus.com/bid/19042
http://www.vupen.com/english/advisories/2006/2711
https://exchange.xforce.ibmcloud.com/vulnerabilities/27633

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:extcalendar:extcalendar:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.10003

Средний

6.8 Medium

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-58m6-pv72-6x4g

github

почти 4 года назад