CVE-2006-5149
Published Oct 5, 2006
Last updated 6 years ago
Overview
- Description
- Multiple directory traversal vulnerabilities in OpenBiblio before 0.5.2 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the page parameter to shared/help.php or (2) the tab parameter to shared/header.php.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-22
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openbiblio:openbiblio:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E87547B7-5D2E-47C9-AA37-F76EC40D106E",
"versionEndIncluding": "0.5.1"
},
{
"criteria": "cpe:2.3:a:openbiblio:openbiblio:0.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A65C24D4-8EE2-4D29-8B06-7E6DB16394A1"
},
{
"criteria": "cpe:2.3:a:openbiblio:openbiblio:0.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E467F2B0-84E7-466C-95A5-4B813D2C03A6"
},
{
"criteria": "cpe:2.3:a:openbiblio:openbiblio:0.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A8BB41F-DAED-497B-BF7B-C0F5908E9CFE"
},
{
"criteria": "cpe:2.3:a:openbiblio:openbiblio:0.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B00BCF7A-12FB-4856-A1BA-062D11FF3AAF"
},
{
"criteria": "cpe:2.3:a:openbiblio:openbiblio:0.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F24840EE-82B9-4397-898E-B3F32B641536"
}
],
"operator": "OR"
}
]
}
]