NVD

Id
62851  
Name
CVE-2006-4210  
Description
nu_mail.inc.php in Andreas Kansok phPay 2.02 and 2.02.1, when register_globals is enabled, allows remote attackers to use the server as an open mail relay via modified mail_text2, user_row[5], nu_mail_1, and shop_mail parameters. NOTE: some of these details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
2.6  
Severity
Low  
CVSS Base Score
2.6  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:N/I:P/A:N)  
Pub Date
2016-12-20  
Published
2006-08-17  
Modified Date
2011-03-07  
Seq
2006-4210  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
326803 62851 CVE-2006-4210 2181  View
326804 62851 CVE-2006-4210 19517  View
326805 62851 CVE-2006-4210 phpay-numail-header-injection(28366)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
58835 JVNDB-2006-001101 Andreas Kansok phPay の nu_mail.inc.php におけるサーバをオープンメール中継に使用される脆弱性 Andreas Kansok phPay の nu_mail.inc.php には、register_globals が有効になった際、サーバをオープンメール中継に使用される脆弱性が存在します。 CVE-2006-4210 20312 CVE-2006-4210 62851 2.6 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-001101.html 2006-08-17 2012-06-26 View