Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3537

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-3537
Last Modified 07 Mar 2011 09:38:52
Published 12 Jul 2006 05:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3537

Summary

PHP remote file inclusion vulnerability in index.php in Randshop before 1.2 allows remote attackers to execute arbitrary PHP code via the dateiPfad parameter, a different vector than CVE-2006-3375.

Vulnerable Systems

Application

  • Randshop 0.9.3

  • Randshop 1.1.1


References

XF - randshop-index-file-include(27540)

VUPEN - ADV-2006-2740

BID - 18865

BUGTRAQ - 20060706 randshop <= 1.1.x (index.php) Remote File Inclusion Vulnerability

XF - randshop-headerinc-file-include(27541)

SREASON - 1213


Last Updated: 27 May 2016 10:43:02