Lucene search

[email protected]NVD:CVE-2006-3584

HistoryAug 08, 2006 - 11:04 p.m.

CVE-2006-3584

2006-08-0823:04:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.3%

JSON

Dynamic variable evaluation vulnerability in index.php in Jetbox CMS 2.1 SR1 allows remote attackers to overwrite configuration variables via URL parameters, which are evaluated as PHP variable variables.

Affected configurations

NVD

Node

jetboxjetbox_cmsMatch2.1

jetboxjetbox_cmsMatch2.1_sr1

References

secunia.com/advisories/20889

secunia.com/secunia_research/2006-57/advisory/

securityreason.com/securityalert/1339

www.securityfocus.com/archive/1/441980/100/0/threaded

www.securityfocus.com/bid/19303

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.3%

JSON

Related for NVD:CVE-2006-3584

cve1 cvelist1 securityvulns1