Lucene search

[email protected]CVE-2006-3475

HistoryJul 10, 2006 - 8:05 p.m.

CVE-2006-3475

2006-07-1020:05:00

[email protected]

web.nvd.nist.gov

cve-2006-3475

information security

php

remote file inclusion

qboard 1.1

vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.599 Medium

EPSS

Percentile

97.8%

JSON

Multiple PHP remote file inclusion vulnerabilities in free QBoard 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the qb_path parameter to (1) index.php, (2) about.php, (3) contact.php, (4) delete.php, (5) faq.php, (6) features.php or (7) history.php, a different set of vectors than CVE-2006-2998.

Affected configurations

NVD

Node

free_qboardfree_qboardMatch1.1

CPENameOperatorVersion
free_qboard:free_qboardfree qboardeq1.1

CPE	Name	Operator	Version
free_qboard:free_qboard	free qboard	eq	1.1

References

securityreason.com/securityalert/1233

securitytracker.com/id?1016433

www.osvdb.org/28059

www.osvdb.org/28060

www.osvdb.org/28061

www.osvdb.org/28062

www.osvdb.org/28063

www.osvdb.org/28064

www.osvdb.org/28065

www.securityfocus.com/archive/1/438951/100/0/threaded

www.securityfocus.com/archive/1/453293/100/0/threaded

www.securityfocus.com/bid/18788

www.securityfocus.com/bid/21394

exchange.xforce.ibmcloud.com/vulnerabilities/27040

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.599 Medium

EPSS

Percentile

97.8%

JSON

Related for CVE-2006-3475

nvd2 cvelist2 cve1