Vulnerability Details : CVE-2006-1032
Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag.
Products affected by CVE-2006-1032
- cpe:2.3:a:phprpc:phprpc:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:phprpc:phprpc:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:phprpc:phprpc:0.7:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-1032
15.11%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 95 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-1032
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2006-1032
-
http://securitytracker.com/id?1015691
-
http://www.gulftech.org/?node=research&article_id=00105-02262006
Vendor Advisory
-
http://www.securityfocus.com/bid/16833
-
http://securityreason.com/securityalert/502
-
http://www.securityfocus.com/archive/1/426193
Vendor Advisory
-
http://www.vupen.com/english/advisories/2006/0745
Jump to