Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0940

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0940
Last Modified 07 Mar 2011 09:31:10
Published 28 Feb 2006 09:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0940

Summary

Multiple direct static code injection vulnerabilities in savesettings.php in ShoutLIVE 1.1.0 allow remote attackers to execute arbitrary PHP code via variables that are written to settings.php.

Vulnerable Systems

Application

  • Cynical Games Shoutlive 1.1.0


References

VUPEN - ADV-2006-0755

OSVDB - 23482

SECUNIA - 19047

MISC - http://evuln.com/vulns/87/summary.html

XF - shoutlive-savesettings-file-include(24897)

BID - 16857

BUGTRAQ - 20060307 [eVuln] ShoutLIVE PHP Code Execution & Multiple XSS Vulnerabilities

SREASON - 557


Last Updated: 27 May 2016 10:41:52