Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0854

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0854
Last Modified 23 Aug 2011 12:00:00
Published 22 Feb 2006 09:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0854

Summary

PHP remote file inclusion vulnerability in common.php in Intensive Point iUser Ecommerce allows remote attackers to include arbitrary files via a URL in the include_path variable, which is not initialized before being used.

Vulnerable Systems

Application

  • Intensive Point Iuser Ecommerce


References

XF - iuser-ecommerce-file-include(24724)

MISC - http://www.xorcrew.net/xpa/XPA-iUser.txt

VUPEN - ADV-2006-0699

BID - 16787

OSVDB - 23429

SECUNIA - 18903

FULLDISC - 20060215 iUser Ecommerce - Remote Command Execution Vulnerability


Last Updated: 27 May 2016 10:41:49