NVD

Id
61566  
Name
CVE-2006-2881  
Description
Multiple PHP remote file inclusion vulnerabilities in DreamAccount 3.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the da_path parameter in the (1) auth.cookie.inc.php, (2) auth.header.inc.php, or (3) auth.sessions.inc.php scripts.  
Reject
 
CVSS Version
2  
CVSS Score
5.1  
Severity
Medium  
CVSS Base Score
5.1  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:P/I:P/A:P)  
Pub Date
2016-12-20  
Published
2006-06-07  
Modified Date
2011-03-07  
Seq
2006-2881  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
318450 61566 CVE-2006-2881 1881  View
318451 61566 CVE-2006-2881 1062  View
318452 61566 CVE-2006-2881 1016272  View
318453 61566 CVE-2006-2881 http://www.majorsecurity.de/advisory/major_rls8.txt  View
318454 61566 CVE-2006-2881 20060605 [MajorSecurity #8]DreamAccount <= 3.1 - Remote File Include Vulnerability  View
318455 61566 CVE-2006-2881 20060606 Re: [MajorSecurity #8]DreamAccount <= 3.1 - Remote File Include Vulnerability  View
318456 61566 CVE-2006-2881 18278  View
318457 61566 CVE-2006-2881 ADV-2006-2152  View
318458 61566 CVE-2006-2881 dreamaccount-dapath-file-include(26932)  View

Related JVN