NVD

Id
63493  
Name
CVE-2006-4877  
Description
Variable overwrite vulnerability in David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers to overwrite arbitrary program variables via multiple vectors that use the extract function, as demonstrated by the table_prefix parameter in (1) index.php, (2) profile.php, and (3) header.php.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:P/A:N)  
Pub Date
2016-12-20  
Published
2006-09-19  
Modified Date
2011-03-07  
Seq
2006-4877  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
330938 63493 CVE-2006-4877 1607  View
330939 63493 CVE-2006-4877 20060916 PHP-Post Multiple Input Validation Vulnerabilities  View
330940 63493 CVE-2006-4877 20061  View
330941 63493 CVE-2006-4877 ADV-2006-3688  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
59011 JVNDB-2006-001277 David Bennett PHPp における任意のプログラム変数を上書きされる脆弱性 David Bennett PHP-Post (PHPp) は、変数を上書きする不備があるため、任意のプログラム変数を上書きされる脆弱性が存在します。 CVE-2006-4877 20979 CVE-2006-4877 63493 5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-001277.html 2006-09-19 2012-06-26 View