Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1013

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1013
Last Modified 05 Sep 2008 05:00:47
Published 06 Mar 2006 07:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1013

Summary

PHP remote file include vulnerability in index.php in SMartBlog (aka SMBlog) 1.2 allows remote attackers to include and execute arbitrary PHP files via (1) the pg parameter and (2) a query string without a parameter.

Vulnerable Systems

Application

  • Smartblog 1.2


References

BUGTRAQ - 20060301 SMBlog Remote Command Exucetion

XF - smartblog-index-file-include(25220)

BID - 16905


Last Updated: 27 May 2016 10:41:53