Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0791

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0791
Last Modified 07 Mar 2011 09:30:49
Published 19 Feb 2006 04:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0791

Summary

PHP remote file inclusion vulnerability in index.php in DreamCost HostAdmin allows remote attackers to include arbitrary files via the $path variable, which is not initialized before use.

Vulnerable Systems

Application

  • Dreamcost Hostadmin 3.0


References

MISC - http://www.xorcrew.net/xpa/XPA-HostAdmin.txt

VUPEN - ADV-2006-0618

BID - 16682

BUGTRAQ - 20081007 Re: HostAdmin 3.* Remote File Include Vulnerabilities

BUGTRAQ - 20081007 HostAdmin 3.* Remote File Include Vulnerabilities

SECUNIA - 18901

XF - hostadmin-path-file-include(24723)

BUGTRAQ - 20060605 [MajorSecurity #9]HostAdmin <= 3.1 - Remote File Include Vulnerability

OSVDB - 23241

SECTRACK - 1016273

FULLDISC - 20060215 HostAdmin - Remote Command Execution Vulnerability


Last Updated: 27 May 2016 10:41:48