CVE

Id
21338  
CVE No.
CVE-2006-5234  
Status
Candidate  
Description
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in phpWebSite 0.10.2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPWS_SOURCE_DIR parameter in (1) init.php, (2) users.php, (3) Cookie.php, (4) forms.php, (5) Groups.php, (6) ModSetting.php, (7) Calendar.php, (8) DateTime.php, (9) core.php, (10) ImgLibrary.php, (11) Manager.php, and (12) Template.php, and (13) EZform.php. NOTE: CVE disputes this report, since "PHPWS_SOURCE_DIR" is defined as a constant, not accessed as a variable.  
Phase
Assigned (20061010)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
203130 21338 CVE-2006-5234 BUGTRAQ:20061009 phpWebSite 0.10.2 Remote File Include Vulnerabilities  View
203131 21338 CVE-2006-5234 URL:http://www.securityfocus.com/archive/1/archive/1/448098/100/0/threaded  View
203132 21338 CVE-2006-5234 BUGTRAQ:20061011 Re: phpWebSite 0.10.2 Remote File Include Vulnerabilities  View
203133 21338 CVE-2006-5234 URL:http://www.securityfocus.com/archive/1/archive/1/448307/100/100/threaded  View
203134 21338 CVE-2006-5234 VIM:20061010 phpWebSite 0.10.2 RFI - CVE dispute  View
203135 21338 CVE-2006-5234 URL:http://www.attrition.org/pipermail/vim/2006-October/001079.html  View
203136 21338 CVE-2006-5234 BID:20412  View
203137 21338 CVE-2006-5234 URL:http://www.securityfocus.com/bid/20412  View
203138 21338 CVE-2006-5234 SREASON:1716  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
59103 JVNDB-2006-001369 4images の search.php における SQL インジェクションの脆弱性 4images の search.php には、SQL インジェクションの脆弱性が存在します。 CVE-2006-5236 21338 7.5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-001369.html  View