NVD

Id
62285  
Name
CVE-2006-3611  
Description
Directory traversal vulnerability in pm.php in Phorum 5 allows remote authenticated users to include and execute arbitrary local files via directory traversal sequences in the GLOBALS[template] parameter, as demonstrated by injecting PHP sequences into a log file, which is then included by pm.php.  
Reject
 
CVSS Version
2  
CVSS Score
5.5  
Severity
Medium  
CVSS Base Score
5.5  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:P/A:N)  
Pub Date
2016-12-20  
Published
2006-07-18  
Modified Date
2011-03-07  
Seq
2006-3611  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
322727 62285 CVE-2006-3611 http://retrogod.altervista.org/phorum5_local_incl_xpl.html  View
322728 62285 CVE-2006-3611 http://www.phorum.org/phorum5/read.php?14,114358  View
322729 62285 CVE-2006-3611 20060713 PHORUM 5 arbitrary local inclusion  View
322730 62285 CVE-2006-3611 ADV-2006-2794  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
60502 JVNDB-2006-002768 Phorum の pm.php におけるディレクトリトラバーサルの脆弱性 Phorum の pm.php には、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2006-3611 19713 CVE-2006-3611 62285 5.5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-002768.html 2006-07-13 2012-12-20 View