NVD

Id
64096  
Name
CVE-2006-5495  
Description
Multiple PHP remote file inclusion vulnerabilities in Trawler Web CMS 1.8.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) path_red2 parameter to (a) _msdazu_pdata/redaktion/artikel/up/index.php; (b) addtort.php, (c) colorpik2.php, (d) colorpik3.php, (e) extras_menu.php, (f) farbpalette.php, (g) lese_inc.php, and (h) newfile.php in _msdazu_share/richtext/; the (2) path_scr_dat2 parameter to (i)_msdazu_share/share/insert1.php; the (3) path_red parameter to (j) _msdazu_share/extras/downloads/index.php; and unspecified parameters in other files.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2016-12-20  
Published
2006-10-25  
Modified Date
2011-03-07  
Seq
2006-5495  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
334366 64096 CVE-2006-5495 http://cmsblog.msdazu.de/?p=209  View
334367 64096 CVE-2006-5495 2611  View
334368 64096 CVE-2006-5495 1017111  View
334369 64096 CVE-2006-5495 20061021 trawler <= 1.8.1 Remote File Inclusion  View
334370 64096 CVE-2006-5495 20662  View
334371 64096 CVE-2006-5495 20678  View
334372 64096 CVE-2006-5495 ADV-2006-4152  View
334373 64096 CVE-2006-5495 trawler-pathred-file-include(29715)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
61075 JVNDB-2006-003341 Trawler Web CMS における PHP リモートファイルインクルージョンの脆弱性 Trawler Web CMS には、PHP リモートファイルインクルージョンの脆弱性が存在します。 CVE-2006-5495 21597 CVE-2006-5495 64096 7.5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-003341.html 2006-10-25 2012-12-20 View