Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2033

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-2033
Last Modified 05 Sep 2008 05:03:29
Published 25 Apr 2006 08:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2033

Summary

PHP remote file inclusion vulnerability in Core CoreNews 2.0.1 and earlier allows remote authenticated users to execute arbitrary commands via the show parameter. NOTE: this is a different vector than CVE-2006-1212, although it might be the same primary issue.

Vulnerable Systems

Application

  • Corenews 2.0.1


References

BID - 17655

BUGTRAQ - 20060421 Advisory: CoreNews <= 2.0.1 Multiple Remote Vulnerabilities.

MISC - http://www.nukedx.com/?getxpl=24

XF - corenews-index-file-include(25979)

SREASON - 797


Last Updated: 27 May 2016 10:42:18