CVE-2006-3998

Exploit

EPSS 6.73%
Published 05.08.2006 01:04:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

PHP remote file inclusion vulnerability in conf.php in WoWRoster (aka World of Warcraft Roster) 1.5.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the subdir parameter.

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Wowroster ≫ Wowroster Version1.5

Wowroster ≫ Wowroster Version1.5.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	6.73%	0.909

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.securityfocus.com/bid/19269

Exploit

http://www.wowroster.net/Forums/viewtopic/t=333.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/28101

http://www.vupen.com/english/advisories/2006/3094

https://www.exploit-db.com/exploits/2099

https://nvd.nist.gov/vuln/detail/CVE-2006-3998

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-3998

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-3998

EUVD