NVD

Id
61945  
Name
CVE-2006-3266  
Description
Multiple PHP remote file inclusion vulnerabilities in Bee-hive Lite 1.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) header parameter to (a) conad/include/rootGui.inc.php and (b) include/rootGui.inc.php; (2) mysqlCall parameter to (c) conad/changeEmail.inc.php, (d) conad/changeUserDetails.inc.php, (e) conad/checkPasswd.inc.php, (f) conad/login.inc.php and (g) conad/logout.inc.php; (3) mysqlcall parameter to (h) include/listall.inc.php; (4) prefix parameter to (i) show/index.php; and (5) config parameter to (j) conad/include/mysqlCall.inc.php.  
Reject
 
CVSS Version
2  
CVSS Score
5.1  
Severity
Medium  
CVSS Base Score
5.1  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:P/I:P/A:P)  
Pub Date
2016-12-20  
Published
2006-06-27  
Modified Date
2011-03-07  
Seq
2006-3266  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
320673 61945 CVE-2006-3266 1951  View
320674 61945 CVE-2006-3266 18654  View
320675 61945 CVE-2006-3266 ADV-2006-2516  View
320676 61945 CVE-2006-3266 beehive-multiple-scripts-file-include(27386)  View

Related JVN