CVE-2006-1994

PHP remote file inclusion vulnerability in dForum 1.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DFORUM_PATH parameter to (1) about.php, (2) admin.php, (3) anmelden.php, (4) losethread.php, (5) config.php, (6) delpost.php, (7) delthread.php, (8) dfcode.php, (9) download.php, (10) editanoc.php, (11) forum.php, (12) login.php, (13) makethread.php, (14) menu.php, (15) newthread.php, (16) openthread.php, (17) overview.php, (18) post.php, (19) suchen.php, (20) user.php, (21) userconfig.php, (22) userinfo.php, and (23) verwalten.php.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/045369.html
http://secunia.com/advisories/19788	Vendor Advisory
http://www.nukedx.com/?viewdoc=27	Vendor Advisory
http://www.securityfocus.com/archive/1/431758
http://www.securityfocus.com/bid/17650	Exploit
http://www.vupen.com/english/advisories/2006/1482
https://exchange.xforce.ibmcloud.com/vulnerabilities/26035

Configurations

Configuration 1 (hide)

cpe:2.3:a:dforum:dforum:1.5:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-04-25 12:50

Updated : 2024-02-28 10:42

NVD link : CVE-2006-1994

Mitre link : CVE-2006-1994

CVE.ORG link : CVE-2006-1994

JSON object : View

Products Affected

dforum

dforum

CWE

NVD-CWE-Other

{"id": "CVE-2006-1994", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-04-25T12:50:00.000", "references": [{"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/045369.html", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/19788", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.nukedx.com/?viewdoc=27", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/431758", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/17650", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/1482", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26035", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "PHP remote file inclusion vulnerability in dForum 1.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DFORUM_PATH parameter to (1) about.php, (2) admin.php, (3) anmelden.php, (4) losethread.php, (5) config.php, (6) delpost.php, (7) delthread.php, (8) dfcode.php, (9) download.php, (10) editanoc.php, (11) forum.php, (12) login.php, (13) makethread.php, (14) menu.php, (15) newthread.php, (16) openthread.php, (17) overview.php, (18) post.php, (19) suchen.php, (20) user.php, (21) userconfig.php, (22) userinfo.php, and (23) verwalten.php."}], "lastModified": "2017-07-20T01:31:05.537", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dforum:dforum:1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0AF7800C-0567-44A1-99C8-192FAD8D0281"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}