CVE

Id
20532  
CVE No.
CVE-2006-4428  
Status
Candidate  
Description
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in Jupiter CMS 1.1.5 allows remote attackers to execute arbitrary PHP code via a URL in the template parameter. NOTE: CVE disputes this claim, since the $template variable is defined as a static value before it is referenced in an include statement.  
Phase
Assigned (20060828)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
192716 20532 CVE-2006-4428 BUGTRAQ:20060825 Jupiter CMS 1.1.5 index.php Remote File Include  View
192717 20532 CVE-2006-4428 URL:http://www.securityfocus.com/archive/1/archive/1/444421/100/0/threaded  View
192718 20532 CVE-2006-4428 BUGTRAQ:20060829 Re: Jupiter CMS 1.1.5 index.php Remote File Include  View
192719 20532 CVE-2006-4428 URL:http://www.securityfocus.com/archive/1/archive/1/444729/100/0/threaded  View
192720 20532 CVE-2006-4428 VIM:20060828 Jupiter CMS file include - CVE dispute  View
192721 20532 CVE-2006-4428 URL:http://www.attrition.org/pipermail/vim/2006-August/000996.html  View
192722 20532 CVE-2006-4428 BID:19721  View
192723 20532 CVE-2006-4428 URL:http://www.securityfocus.com/bid/19721  View
192724 20532 CVE-2006-4428 OSVDB:28298  View
192725 20532 CVE-2006-4428 URL:http://www.osvdb.org/28298  View
192726 20532 CVE-2006-4428 XF:jupitercm-index-file-include(28589)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
62652 JVNDB-2005-000895 Cisco NAC におけるローカルおよびリモート保護メカニズムを回避される脆弱性 Cisco Network Admission Control (NAC) には、Cisco Clean Access (CCA) Agent のインストールを阻止され、ローカルおよびリモート保護メカニズムを回避される脆弱性が存在します。 CVE-2006-4430 20532 5 http://jvndb.jvn.jp/ja/contents/2005/JVNDB-2005-000895.html  View