7.5

CVE-2006-2507

Exploit

EPSS 8.4%
Published 22.05.2006 19:02:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple PHP remote file inclusion vulnerabilities in Teake Nutma Foing 0.2.0 through 0.7.0, as used with phpBB, allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) index.php, (2) song.php, (3) faq.php, (4) list.php, (5) gen_m3u.php, and (6) playlist.php.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Teake Nutma ≫ Foing Version0.2.0

Teake Nutma ≫ Foing Version0.3.0

Teake Nutma ≫ Foing Version0.4.0

Teake Nutma ≫ Foing Version0.5.0

Teake Nutma ≫ Foing Version0.6.0

Teake Nutma ≫ Foing Version0.7.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	8.4%	0.92

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://kurdishsecurity.blogspot.com/2006/05/kurdish-security-7-foing-remote-file.html

Vendor Advisory

Exploit

http://secunia.com/advisories/20092

Vendor Advisory

Exploit

http://securityreason.com/securityalert/932

http://www.osvdb.org/25564

http://www.securityfocus.com/archive/1/433824/100/0/threaded

http://www.securityfocus.com/archive/1/435302/100/0/threaded

http://www.securityfocus.com/bid/17963

Exploit

http://www.vupen.com/english/advisories/2006/1793

https://exchange.xforce.ibmcloud.com/vulnerabilities/26425

https://nvd.nist.gov/vuln/detail/CVE-2006-2507

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-2507

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-2507

EUVD