NVD

Id
63412  
Name
CVE-2006-4788  
Description
PHP remote file inclusion vulnerability in includes/log.inc.php in Telekorn SignKorn Guestbook (SL) 1.3 and earlier, when register_globals is enabled and _SESSION[permission] parameter is set to "yes", allows remote attackers to execute arbitrary PHP code via a URL in the dir_path parameter.  
Reject
 
CVSS Version
2  
CVSS Score
5.1  
Severity
Medium  
CVSS Base Score
5.1  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
4.9  
CVSS Vector
(AV:N/AC:H/Au:N/C:P/I:P/A:P)  
Pub Date
2016-12-20  
Published
2006-09-14  
Modified Date
2011-03-07  
Seq
2006-4788  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
330433 63412 CVE-2006-4788 2354  View
330434 63412 CVE-2006-4788 http://www.telekorn.com/forum/showthread.php?t=1427  View
330435 63412 CVE-2006-4788 ADV-2006-3570  View
330436 63412 CVE-2006-4788 signkorn-log-file-include(28888)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
60905 JVNDB-2006-003171 Telekorn SL の includes/log.inc.php における PHP リモートファイルインクルージョンの脆弱性 Telekorn SignKorn Guestbook (SL) の includes/log.inc.php には、register_globals が有効で、_SESSION[permission] パラメータに "yes" が設定されている際、PHP リモートファイルインクルージョンの脆弱性が存在します。 CVE-2006-4788 20890 CVE-2006-4788 63412 5.1 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-003171.html 2006-09-14 2012-12-20 View