Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3395

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-3395
Last Modified 10 Aug 2011 12:00:00
Published 06 Jul 2006 04:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-3395

Summary

PHP remote file inclusion vulnerability in top.php in SiteBuilder-FX 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the admindir parameter.

Vulnerable Systems

Application

  • Webdesignhq Sitebuilder-fx 3.5


References

XF - sitebuilderfx-admintop-file-include(27503)

VUPEN - ADV-2006-2639

BID - 18756

OSVDB - 26959

MISC - http://www.jaascois.com/exploits/18602017/

SECTRACK - 1016417

SECUNIA - 20923


Last Updated: 27 May 2016 10:42:58