Lucene search
MitreCVE-2006-5263HistoryOct 12, 2006 - 10:07 p.m.
CVE-2006-5263
2006-10-1222:07:00
mitre
web.nvd.nist.gov
20
cve
2006
5263
directory traversal
templates
header.php3
phpmyagenda
remote attackers
arbitrary local files
language parameter
apache http server
log file
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.019
Percentile
88.6%
Directory traversal vulnerability in templates/header.php3 in phpMyAgenda 3.1 and earlier allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the language parameter, as demonstrated by a parameter value naming an Apache HTTP Server log file that apparently contains PHP code.
Affected configurations
Node
phpmyagendaphpmyagendaRange≤3.1_beta_1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpmyagenda | phpmyagenda | * | cpe:2.3:a:phpmyagenda:phpmyagenda:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2006-5263
2006-10-12 22:00:00
exploitdb
exploitdb
phpMyAgenda 3.1 - '/templates/header.php3' Local File Inclusion
2006-10-10 00:00:00
nvd
nvd
CVE-2006-5263
2006-10-12 22:07:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.019
Percentile
88.6%
Related for CVE-2006-5263