Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1658

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1658
Last Modified 07 Mar 2011 09:33:30
Published 07 Apr 2006 06:04:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1658

Summary

Direct static code injection vulnerability in ticker.db.php in Chucky A. Ivey N.T. 1.1.0 allows remote administrators to insert arbitrary PHP code into the config file, which is included other N.T. scripts.

Vulnerable Systems

Application

  • Chucky A. Ivey N.t. 1.1.0


References

VUPEN - ADV-2006-1243

SECUNIA - 19526

MISC - http://evuln.com/vulns/121/summary.html

XF - nt-ticker-file-include(25639)

BID - 17387

BUGTRAQ - 20060419 [eVuln] N.T. Version 1.1.0 XSS and PHP Code Insertion Vulnerabilities

OSVDB - 24398


Last Updated: 27 May 2016 10:42:09