NVD

Id
63060  
Name
CVE-2006-4425  
Description
Multiple PHP remote file inclusion vulnerabilities in phpCOIN 1.2.3 allow remote attackers to execute arbitrary PHP code via the _CCFG[_PKG_PATH_INCL] parameter in coin_includes scripts including (1) api.php, (2) common.php, (3) core.php, (4) custom.php, (5) db.php, (6) redirect.php or (7) session_set.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
5.1  
Severity
Medium  
CVSS Base Score
5.1  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:P/I:P/A:P)  
Pub Date
2016-12-20  
Published
2006-08-28  
Modified Date
2011-03-07  
Seq
2006-4425  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
328390 63060 CVE-2006-4425 ADV-2006-3385  View
328391 63060 CVE-2006-4425 phpcoin-ccfgpkgpathincl-file-include(28572)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
58894 JVNDB-2006-001160 phpCOIN における PHP リモートファイルインクルージョンの脆弱性 phpCOIN は、PHP リモートファイルインクルージョンの脆弱性が存在します。 CVE-2006-4425 20527 CVE-2006-4425 63060 5.1 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-001160.html 2006-08-28 2012-06-26 View