Lucene search

MitreCVE-2006-3777

HistoryJul 24, 2006 - 12:19 p.m.

CVE-2006-3777

2006-07-2412:19:00

CWE-94

mitre

web.nvd.nist.gov

cve

2006

3777

php

remote file inclusion

index.php

idevspot

phplinkexchange

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.9

Confidence

Low

EPSS

0.08

Percentile

94.3%

JSON

PHP remote file inclusion vulnerability in index.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.

Affected configurations

Nvd

Node

idevspotphplinkexchangeMatch1.0

VendorProductVersionCPE
idevspotphplinkexchange1.0cpe:2.3:a:idevspot:phplinkexchange:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
idevspot	phplinkexchange	1.0	cpe:2.3:a:idevspot:phplinkexchange:1.0:::::::*

References

pridels0.blogspot.com/2006/07/phplinkexchange-remote-file-inclusion.html

secunia.com/advisories/21126

www.osvdb.org/27410

www.securityfocus.com/bid/19083

www.vupen.com/english/advisories/2006/2900

exchange.xforce.ibmcloud.com/vulnerabilities/27851

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.9

Confidence

Low

EPSS

0.08

Percentile

94.3%

JSON

Related for CVE-2006-3777