Lucene search

MitreCVELIST:CVE-2006-5101

HistoryOct 02, 2006 - 8:00 p.m.

CVE-2006-5101

2006-10-0220:00:00

mitre

www.cve.org

AI Score

7.6

Confidence

Low

EPSS

0.434

Percentile

97.4%

JSON

PHP remote file inclusion vulnerability in include.php in Comdev CSV Importer 3.1 and possibly 4.1, as used in (1) Comdev Contact Form 3.1, (2) Comdev Customer Helpdesk 3.1, (3) Comdev Events Calendar 3.1, (4) Comdev FAQ Support 3.1, (5) Comdev Guestbook 3.1, (6) Comdev Links Directory 3.1, (7) Comdev News Publisher 3.1, (8) Comdev Newsletter 3.1, (9) Comdev Photo Gallery 3.1, (10) Comdev Vote Caster 3.1, (11) Comdev Web Blogger 3.1, and (12) Comdev eCommerce 3.1, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: it has been reported that 4.1 versions might also be affected.

References

secunia.com/advisories/22133

secunia.com/advisories/22134

secunia.com/advisories/22135

secunia.com/advisories/22147

secunia.com/advisories/22149

secunia.com/advisories/22151

secunia.com/advisories/22153

secunia.com/advisories/22154

secunia.com/advisories/22157

secunia.com/advisories/22168

secunia.com/advisories/22169

secunia.com/advisories/22170

securityreason.com/securityalert/1658

www.osvdb.org/29299

www.osvdb.org/29300

www.osvdb.org/29301

www.osvdb.org/29302

www.osvdb.org/29303

www.osvdb.org/29304

www.osvdb.org/29305

www.osvdb.org/29306

www.osvdb.org/29307

www.osvdb.org/29308

www.osvdb.org/29309

www.osvdb.org/29310

www.osvdb.org/29311

www.securityfocus.com/archive/1/447184/100/0/threaded

www.securityfocus.com/archive/1/447185/100/0/threaded

www.securityfocus.com/archive/1/447186/100/0/threaded

www.securityfocus.com/archive/1/447187/100/0/threaded

www.securityfocus.com/archive/1/447188/100/0/threaded

www.securityfocus.com/archive/1/447190/100/0/threaded

www.securityfocus.com/archive/1/447192/100/0/threaded

www.securityfocus.com/archive/1/447193/100/0/threaded

www.securityfocus.com/archive/1/447194/100/0/threaded

www.securityfocus.com/archive/1/447201/100/0/threaded

www.securityfocus.com/archive/1/447207/100/0/threaded

www.securityfocus.com/archive/1/447209/100/0/threaded

www.securityfocus.com/archive/1/447213/100/0/threaded

www.vupen.com/english/advisories/2006/3803

www.vupen.com/english/advisories/2006/3804

www.vupen.com/english/advisories/2006/3805

www.vupen.com/english/advisories/2006/3806

www.vupen.com/english/advisories/2006/3807

www.vupen.com/english/advisories/2006/3808

www.vupen.com/english/advisories/2006/3809

www.vupen.com/english/advisories/2006/3810

www.vupen.com/english/advisories/2006/3811

www.vupen.com/english/advisories/2006/3812

www.vupen.com/english/advisories/2006/3813

www.vupen.com/english/advisories/2006/3814

www.vupen.com/english/advisories/2006/3815

exchange.xforce.ibmcloud.com/vulnerabilities/29220