7.5

CVE-2006-5256

Exploit
PHP remote file inclusion vulnerability in claroline/inc/lib/import.lib.php in Claroline 1.8.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the includePath parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ClarolineClaroline Version <= 1.8.0
ClarolineClaroline Version1.2
ClarolineClaroline Version1.3
ClarolineClaroline Version1.4
ClarolineClaroline Version1.5
ClarolineClaroline Version1.5.3
ClarolineClaroline Version1.5.4
ClarolineClaroline Version1.6
ClarolineClaroline Version1.6_beta
ClarolineClaroline Version1.6_rc1
ClarolineClaroline Version1.7
ClarolineClaroline Version1.7.1
ClarolineClaroline Version1.7.2
ClarolineClaroline Version1.7.3
ClarolineClaroline Version1.7.4
ClarolineClaroline Version1.7.5
ClarolineClaroline Version1.7.6
ClarolineClaroline Version1.7.7
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.5% 0.877
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/22364
Vendor Advisory
http://securityreason.com/securityalert/1719
http://securitytracker.com/id?1017044
http://www.securityfocus.com/archive/1/448174/100/0/threaded
http://www.securityfocus.com/bid/20444
Exploit
http://www.vupen.com/english/advisories/2006/3996
https://exchange.xforce.ibmcloud.com/vulnerabilities/29426
https://www.exploit-db.com/exploits/2510