CVE-2006-0824
Published Feb 21, 2006
Last updated 6 years ago
Overview
- Description
- Multiple unspecified vulnerabilities in lib-common.php in Geeklog 1.4.0 before 1.4.0sr1 and 1.3.11 before 1.3.11sr4 allow remote attackers to include arbitrary local files and execute arbitrary code via (1) absolute paths in unspecified parameters and (2) the language cookie, as demonstrated for code execution using error.log.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:geeklog:geeklog:1.3.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C869DAF3-7662-4EEF-98DA-11A622DEF8A7"
},
{
"criteria": "cpe:2.3:a:geeklog:geeklog:1.3.11_sr1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40A9A0E7-7383-4B2C-AAD8-2FED5B86A2F0"
},
{
"criteria": "cpe:2.3:a:geeklog:geeklog:1.3.11_sr2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3B6B8B4-88A2-45A3-BD2E-6C0D103CB25E"
},
{
"criteria": "cpe:2.3:a:geeklog:geeklog:1.3.11_sr3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2FF72E47-143C-47F4-B54E-7A01951C3957"
},
{
"criteria": "cpe:2.3:a:geeklog:geeklog:1.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B89E7A29-0EAE-4BB0-B0DD-0B5B55F80453"
}
],
"operator": "OR"
}
]
}
]