CVE-2006-0125 : Unspecified vulnerability in appserv/main.php in AppServ 2.4.5 allows remote attackers to include arbitrary files via th

Unspecified vulnerability in appserv/main.php in AppServ 2.4.5 allows remote attackers to include arbitrary files via the appserv_root parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. There is not enough detail from these third party sources to know whether this is directory traversal, remote file include, or another issue.

Published 2006-01-09 11:03:00

Updated 2011-03-08 02:29:22

Source MITRE

View at NVD, CVE.org

Vulnerability category: Directory traversal

Exploit prediction scoring system (EPSS) score for CVE-2006-0125

Probability of exploitation activity in the next 30 days: 1.63%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 86 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2006-0125

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

References for CVE-2006-0125

Products affected by CVE-2006-0125

Appserv Open Project » Appserv » Version: 2.4.5
cpe:2.3:a:appserv_open_project:appserv:2.4.5:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2006-0125

Exploit prediction scoring system (EPSS) score for CVE-2006-0125

CVSS scores for CVE-2006-0125

References for CVE-2006-0125

Products affected by CVE-2006-0125