exploitDog

CVE-2006-4085

Опубликовано: 11 авг. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

PHP remote file inclusion vulnerability in Olaf Noehring The Search Engine Project (TSEP) 0.942 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter to pagenavigation.php, a different vector than CVE-2006-4055. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Ссылки

http://secunia.com/advisories/21291
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/28107
http://secunia.com/advisories/21291
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/28107

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:olaf_noehring:the_search_engine_project:*:*:*:*:*:*:*:*

Версия до 0.942 (включая)

EPSS

Процентиль: 81%

0.01605

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-9xc9-cc34-mr9j

github

почти 4 года назад

PHP remote file inclusion vulnerability in Olaf Noehring The Search Engine Project (TSEP) 0.942 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter to pagenavigation.php, a different vector than CVE-2006-4055. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

EPSS

Процентиль: 81%

0.01605

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other