Vulnerability Details : CVE-2006-4621
PHP remote file inclusion vulnerability in settings.php in Pheap 1.2, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the lpref parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. The lib/config.php vector is already covered by CVE-2006-4531.
Vulnerability category: File inclusion
Exploit prediction scoring system (EPSS) score for CVE-2006-4621
Probability of exploitation activity in the next 30 days: 0.61%
CVSS scores for CVE-2006-4621
|Base Score||Base Severity||CVSS Vector||Exploitability Score||Impact Score||Source|