CVE

Id
20661  
CVE No.
CVE-2006-4557  
Status
Candidate  
Description
** DISPUTED ** PHP remote file inclusion vulnerability in plugins/plugins.php in Bob Jewell Discloser 0.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the type parameter. NOTE: another researcher has stated that an attacker cannot control the type parameter. As of 20060901, CVE analysis concurs with the dispute.  
Phase
Assigned (20060905)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
194410 20661 CVE-2006-4557 BUGTRAQ:20060816 discloser 0.0.4 Remote File Inclusion (with Exploit)  View
194411 20661 CVE-2006-4557 URL:http://www.securityfocus.com/archive/1/archive/1/443466/100/200/threaded  View
194412 20661 CVE-2006-4557 BUGTRAQ:20060817 Re: Re: discloser 0.0.4 Remote File Inclusion (with Exploit)  View
194413 20661 CVE-2006-4557 URL:http://www.securityfocus.com/archive/1/archive/1/443710/100/100/threaded  View
194414 20661 CVE-2006-4557 BUGTRAQ:20060817 Re: discloser 0.0.4 Remote File Inclusion (with Exploit)  View
194415 20661 CVE-2006-4557 URL:http://www.securityfocus.com/archive/1/archive/1/443522/100/200/threaded  View
194416 20661 CVE-2006-4557 BUGTRAQ:20060819 Re: discloser 0.0.4 Remote File Inclusion (with Exploit)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
58928 JVNDB-2006-001194 YACS CMS における PHP リモートファイルインクルージョンの脆弱性 Yet Another Community System (YACS) CMS には、PHP リモートファイルインクルージョンの脆弱性が存在します。 CVE-2006-4559 20661 7.5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-001194.html  View