CVE-2006-4320
Published Aug 24, 2006
Last updated 6 years ago
Overview
- Description
- PHP remote file inclusion vulnerability in sef.php in the OpenSEF 2.0.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opensef_project:opensef:2.0-beta3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F07C245B-0A41-4ECD-BFEA-DD93BFE160B3"
},
{
"criteria": "cpe:2.3:a:opensef_project:opensef:2.0_rc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "944553E5-EAFB-483D-A5A2-9B5C210E7889"
},
{
"criteria": "cpe:2.3:a:opensef_project:opensef:2.0_rc2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55893CE1-954B-42D9-B585-4B0FDA3D89CD"
},
{
"criteria": "cpe:2.3:a:opensef_project:opensef:2.0_rc3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEA04CD9-D66C-4BD9-9551-8AAE6879514D"
},
{
"criteria": "cpe:2.3:a:opensef_project:opensef:2.0_rc4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "204AA46F-AA81-4047-8221-FF24B075D38A"
},
{
"criteria": "cpe:2.3:a:opensef_project:opensef:2.0_rc5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C8229B1-FDDF-448E-8D9C-CE0D88C5BC47"
},
{
"criteria": "cpe:2.3:a:opensef_project:opensef:2.0_rc5_sp1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "15695DA9-FA04-437E-B169-19853814B3C9"
},
{
"criteria": "cpe:2.3:a:opensef_project:opensef:2.0_rc5_sp2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E4A1A62-AC1E-425B-AAC4-C5A96E7DAF88"
}
],
"operator": "OR"
}
]
}
]