Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2122

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2006-2122
Last Modified 05 Sep 2008 05:03:43
Published 01 May 2006 06:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-2122

Summary

PHP remote file inclusion vulnerability in index.php in CoolMenus allows remote attackers to execute arbitrary code via a URL in the page parameter. NOTE: the original report for this issue is probably erroneous, since CoolMenus does not appear to be written in PHP.

Vulnerable Systems

Application

  • Coolmenus 4.0


References

BID - 17738

BUGTRAQ - 20060501 Re: CoolMenus Event Remote File Inclusion exploit

BUGTRAQ - 20060429 CoolMenus Event Remote File Inclusion exploit

BUGTRAQ - 20060428 [Kurdish Security #3] CoolMenus Event Remote File Include Vulnerability (For PHP)

MISC - http://www.dhtmlcentral.com/projects/coolmenus/

SREASON - 823

MISC - http://kurdishsecurity.blogspot.com/2006/04/coolmenus-event-remote-file-include.html


Last Updated: 27 May 2016 10:42:20