Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2121

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-2121
Last Modified 05 Sep 2008 05:03:43
Published 01 May 2006 06:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2121

Summary

PHP remote file include vulnerability in admin/config_settings.tpl.php in I-RATER Platinum allows remote attackers to execute arbitrary code via a URL in the include_path parameter. NOTE: this is a different vector, and possibly a different vulnerability, than CVE-2006-1929.

Vulnerable Systems

Application

  • I-rater Platinum


References

BID - 17731

BUGTRAQ - 20060429 I-RATER Platinum Remote File Inclusion exploit Cod3d by R@1D3N

XF - irater-configsettingtpl-file-include(26203)

BUGTRAQ - 20060428 [Kurdish Secure Advisory #1] I-RATER Platinum "Admin/configsettings.tpl.php" Remote File Include Vulnerability

SREASON - 824


Last Updated: 27 May 2016 10:42:20