7.5

CVE-2006-2507

Exploit

EPSS 8.4%
Veröffentlicht 22.05.2006 19:02:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Multiple PHP remote file inclusion vulnerabilities in Teake Nutma Foing 0.2.0 through 0.7.0, as used with phpBB, allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) index.php, (2) song.php, (3) faq.php, (4) list.php, (5) gen_m3u.php, and (6) playlist.php.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Teake Nutma ≫ Foing Version0.2.0

Teake Nutma ≫ Foing Version0.3.0

Teake Nutma ≫ Foing Version0.4.0

Teake Nutma ≫ Foing Version0.5.0

Teake Nutma ≫ Foing Version0.6.0

Teake Nutma ≫ Foing Version0.7.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	8.4%	0.92

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://kurdishsecurity.blogspot.com/2006/05/kurdish-security-7-foing-remote-file.html

Vendor Advisory

Exploit

http://secunia.com/advisories/20092

Vendor Advisory

Exploit

http://securityreason.com/securityalert/932

http://www.osvdb.org/25564

http://www.securityfocus.com/archive/1/433824/100/0/threaded

http://www.securityfocus.com/archive/1/435302/100/0/threaded

http://www.securityfocus.com/bid/17963

Exploit

http://www.vupen.com/english/advisories/2006/1793

https://exchange.xforce.ibmcloud.com/vulnerabilities/26425

https://nvd.nist.gov/vuln/detail/CVE-2006-2507

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-2507

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-2507

EUVD