Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2557

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-2557
Last Modified 07 Mar 2011 09:36:30
Published 23 May 2006 09:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2557

Summary

PHP remote file inclusion vulnerability in extras/poll/poll.php in Florian Amrhein NewsPortal before 0.37, and TR Newsportal (TRanx rebuilded), allows remote attackers to execute arbitrary PHP code via a URL in the file_newsportal parameter.

Vulnerable Systems

Application

  • Florian Amrhein Newsportal 0.36


References

XF - trnewsportal-poll-file-include(26439)

SECUNIA - 20128

CONFIRM - http://florian-amrhein.de/newsportal/forum/article?id=1&group=amrhein.newsportal

BUGTRAQ - 20060517 Newsportal <= 0.36 Remote File Inclusion Vulnerability

BUGTRAQ - 20060515 Newsportal: code injection vulnerability

XF - newsportal-poll-code-execution(26471)

VUPEN - ADV-2006-1838

BID - 18000

OSVDB - 25577

OSVDB - 25531

SECUNIA - 20119

MILW0RM - 1789

SREASON - 947


Last Updated: 27 May 2016 10:42:40