Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1653

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1653
Last Modified 05 Sep 2008 05:02:29
Published 06 Apr 2006 06:04:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1653

Summary

PHP remote file inclusion vulnerability in loadkernel.php in AngelineCMS 0.8.1 allows remote attackers to execute arbitrary PHP code via a URL in the installPath parameter.

Vulnerable Systems

Application

  • Angelinecms 0.8.1


References

BID - 17371

MISC - http://advisories.echo.or.id/adv/adv27-K-159-2006.txt

XF - angelinecms-loadkernel-file-include(25658)

BUGTRAQ - 20060404 [ECHO_ADV_27$2006] AngelineCMS 0.8.1 Installpath Remote File Inclusion

OSVDB - 24610


Last Updated: 27 May 2016 10:42:09