CVE-2006-4636

Directory traversal vulnerability in SZEWO PhpCommander 3.0 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Directory parameter, as demonstrated by parameter values naming Apache HTTP Server log files that apparently contain PHP code.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/21753	Vendor Advisory
http://www.securityfocus.com/bid/19867	Exploit
http://www.vupen.com/english/advisories/2006/3472
https://www.exploit-db.com/exploits/2310
http://secunia.com/advisories/21753	Vendor Advisory
http://www.securityfocus.com/bid/19867	Exploit
http://www.vupen.com/english/advisories/2006/3472
https://www.exploit-db.com/exploits/2310

Configurations

Configuration 1 (hide)

cpe:2.3:a:szewo:phpcommander:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:16

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/21753 - Vendor Advisory~~	() http://secunia.com/advisories/21753 - Vendor Advisory
References	~~() http://www.securityfocus.com/bid/19867 - Exploit~~	() http://www.securityfocus.com/bid/19867 - Exploit
References	~~() http://www.vupen.com/english/advisories/2006/3472 -~~	() http://www.vupen.com/english/advisories/2006/3472 -
References	~~() https://www.exploit-db.com/exploits/2310 -~~	() https://www.exploit-db.com/exploits/2310 -

Information

Published : 2006-09-08 20:04

Updated : 2024-11-21 00:16

NVD link : CVE-2006-4636

Mitre link : CVE-2006-4636

CVE.ORG link : CVE-2006-4636

JSON object : View

Products Affected

szewo

phpcommander

CWE

NVD-CWE-Other

{"id": "CVE-2006-4636", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-09-08T20:04:00.000", "references": [{"url": "http://secunia.com/advisories/21753", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/19867", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/3472", "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/2310", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/21753", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/19867", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/3472", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/2310", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in SZEWO PhpCommander 3.0 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Directory parameter, as demonstrated by parameter values naming Apache HTTP Server log files that apparently contain PHP code."}, {"lang": "es", "value": "Vulnerabilidad de atravesamiento de directorios en SZEWO PhpCommander 3.0 y anteriores permite a un atacante remoto a\u00f1adir y ejecutar archivos locales de su elecci\u00f3n a trav\u00e9s de secuencias de atravesamiento de directorios en el par\u00e1metro Directory, seg\u00fan lo demostrado por los valores de par\u00e1metro que nombran ficheros de registro del servidor Apache HTTP que contienen aparentemente c\u00f3digo PHP."}], "lastModified": "2024-11-21T00:16:25.937", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:szewo:phpcommander:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2957663A-9AD2-46EB-B362-2066B541A463", "versionEndIncluding": "3.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}