Lucene search

MitreCVE-2006-3776

HistoryJul 24, 2006 - 12:19 p.m.

CVE-2006-3776

2006-07-2412:19:00

CWE-94

mitre

web.nvd.nist.gov

cve-2006-3776

php

remote file inclusion

idevspot

phphostbot 1.0

autohost 3.0

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.116

Percentile

95.3%

JSON

PHP remote file inclusion vulnerability in order/index.php in IDevSpot (1) PhpHostBot 1.0 and (2) AutoHost 3.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.

Affected configurations

Nvd

Node

idevspotautohostMatch3.0

idevspotphphostbotMatch1.0

VendorProductVersionCPE
idevspotautohost3.0cpe:2.3:a:idevspot:autohost:3.0:*:*:*:*:*:*:*
idevspotphphostbot1.0cpe:2.3:a:idevspot:phphostbot:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
idevspot	autohost	3.0	cpe:2.3:a:idevspot:autohost:3.0:::::::*
idevspot	phphostbot	1.0	cpe:2.3:a:idevspot:phphostbot:1.0:::::::*

References

pridels0.blogspot.com/2006/07/phphostbot-remote-file-inclusion-vuln.html

secunia.com/advisories/21128

www.osvdb.org/27411

www.securityfocus.com/bid/19084

www.vupen.com/english/advisories/2006/2899

exchange.xforce.ibmcloud.com/vulnerabilities/27852

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.116

Percentile

95.3%

JSON

Related for CVE-2006-3776