Lucene search
MitreCVE-2006-5412HistoryOct 20, 2006 - 2:07 p.m.
CVE-2006-5412
2006-10-2014:07:00
mitre
web.nvd.nist.gov
199
php
outburst easynews
cve-2006-5412
remote code execution
authentication bypass
CVSS2
5.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
AI Score
8
Confidence
Low
EPSS
0.065
Percentile
93.8%
admin.php in PHP Outburst Easynews 4.4.1 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication, and gain the ability to execute arbitrary code, via the en_login_id parameter.
Affected configurations
Node
php_outbursteasynewsRange≤4.4.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| php_outburst | easynews | * | cpe:2.3:a:php_outburst:easynews:*:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
Easynews 4.4.1 - 'admin.php' Authentication Bypass
2006-10-17 00:00:00
cvelist
cvelist
CVE-2006-5412
2006-10-20 10:00:00
nvd
nvd
CVE-2006-5412
2006-10-20 14:07:00
CVSS2
5.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
AI Score
8
Confidence
Low
EPSS
0.065
Percentile
93.8%
Related for CVE-2006-5412