7.5

CVE-2006-5911

EPSS 3.24%
Veröffentlicht 15.11.2006 15:07:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Multiple PHP remote file inclusion vulnerabilities in Campware Campsite before 2.6.2 allow remote attackers to execute arbitrary PHP code via a URL in the g_documentRoot parameter to (1) Alias.php, (2) Article.php, (3) ArticleAttachment.php, (4) ArticleComment.php, (5) ArticleData.php, (6) ArticleImage.php, (7) ArticleIndex.php, (8) ArticlePublish.php, (9) ArticleTopic.php, (10) ArticleType.php, (11) ArticleTypeField.php, (12) Attachment.php, (13) Country.php, (14) DatabaseObject.php, (15) Event.php, (16) IPAccess.php, (17) Image.php, (18) Issue.php, (19) IssuePublish.php, (20) Language.php, (21) Log.php, (22) LoginAttempts.php, (23) Publication.php, (24) Section.php, (25) ShortURL.php, (26) Subscription.php, (27) SubscriptionDefaultTime.php, (28) SubscriptionSection.php, (29) SystemPref.php, (30) Template.php, (31) TimeUnit.php, (32) Topic.php, (33) UrlType.php, (34) User.php, and (35) UserType.php in implementation/management/classes/; (36) configuration.php and (37) db_connect.php in implementation/management/; and (38) LocalizerConfig.php and (39) LocalizerLanguage.php in implementation/management/priv/localizer/.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 48

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Campware.Org ≫ Campsite Version2.6.0

Campware.Org ≫ Campsite Version2.6.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3.24%	0.867

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://code.campware.org/projects/campsite/changeset/6057

Patch

http://code.campware.org/projects/campsite/changeset/6058

Patch

http://code.campware.org/projects/campsite/query?milestone=2.6.2

http://code.campware.org/projects/campsite/ticket/2349

http://sourceforge.net/project/shownotes.php?release_id=459574&group_id=66936

Patch

http://www.osvdb.org/34187

http://www.osvdb.org/34188

http://www.osvdb.org/34189

http://www.osvdb.org/34190

http://www.osvdb.org/34191

http://www.osvdb.org/34192

http://www.osvdb.org/34193

http://www.osvdb.org/34194

http://www.osvdb.org/34195

http://www.osvdb.org/34196

http://www.osvdb.org/34197

http://www.osvdb.org/34198

http://www.osvdb.org/34199

http://www.osvdb.org/34200

http://www.osvdb.org/34201

http://www.osvdb.org/34202

http://www.osvdb.org/34203

http://www.osvdb.org/34204

http://www.osvdb.org/34205

http://www.osvdb.org/34206

http://www.osvdb.org/34207

http://www.osvdb.org/34208

http://www.osvdb.org/34209

http://www.osvdb.org/34210

http://www.osvdb.org/34211

http://www.osvdb.org/34212

http://www.osvdb.org/34213

http://www.osvdb.org/34214

http://www.osvdb.org/34215

http://www.osvdb.org/34216

http://www.osvdb.org/34217

http://www.osvdb.org/34218

http://www.osvdb.org/34219

http://www.osvdb.org/34220

http://www.osvdb.org/34221

http://www.osvdb.org/34222

http://www.osvdb.org/34223

http://www.osvdb.org/34224

http://www.osvdb.org/34225

http://www.securityfocus.com/bid/23874

https://nvd.nist.gov/vuln/detail/CVE-2006-5911

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-5911

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-5911

EUVD