CVE-2006-4969

{"id": "CVE-2006-4969", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-09-25T01:07:00.000", "references": [{"url": "http://secunia.com/advisories/22131", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29198", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29199", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29200", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29201", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29202", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29203", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29204", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29205", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29206", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29207", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29208", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29209", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29210", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29211", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29212", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29213", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/29214", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/20099", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/3798", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29023", "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/2393", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple PHP remote file inclusion vulnerabilities in WAHM E-Commerce Pie Cart Pro allow remote attackers to execute arbitrary PHP code via a URL in the Inc_Dir parameter in (1) affiliates.php, (2) orders.php, (3) events.php, (4) index.php, (5) articles.php, (6) faqs.php, (7) guestbook.php, (8) catalog.php, (9) wholesale.php, (10) weblinks.php, (11) certificates.php, (12) sitesearch.php, (13) contact.php, (14) sitemap.php, (15) search.php, (16) registry.php, or (17) error.php."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades PHP de inclusi\u00f3n remota de archivo en WAHM E-Commerce Pie Cart Pro permite a un atacante remoto ejecutar c\u00f3digo PHP de su elecci\u00f3n a trav\u00e9s de una URL en el par\u00e1metro Inc_Dir parameter en (1) affiliates.php, (2) orders.php, (3) events.php, (4) index.php, (5) articles.php, (6) faqs.php, (7) guestbook.php, (8) catalog.php, (9) wholesale.php, (10) weblinks.php, (11) certificates.php, (12) sitesearch.php, (13) contact.php, (14) sitemap.php, (15) search.php, (16) registry.php, o (17) error.php."}], "lastModified": "2017-10-19T01:29:27.690", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wahm_e-commerce:pie_cart_pro:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1514E01-CB82-41C6-A8F2-02D88DBBF6E1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}