Vulnerability Details : CVE-2006-6285
PHP remote file inclusion vulnerability in index.php in Kai Blankenhorn Bitfolge simple and nice index file (aka snif) 1.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the externalConfig parameter. NOTE: CVE and other third parties dispute this vulnerability because $externalConfig is defined before use
Vulnerability category: File inclusion
Products affected by CVE-2006-6285
- cpe:2.3:a:kai_blankenhorn_bitfolge:simple_and_nice_index_file:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-6285
1.57%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 86 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-6285
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2006-6285
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/30613
Vulnerability Report
-
http://www.attrition.org/pipermail/vim/2006-December/001161.html
[VIM] snif RFI curiosity
-
https://www.exploit-db.com/exploits/2868
404 Page Not Found | Exploit Database
-
http://attrition.org/pipermail/vim/2006-December/001159.html
[VIM] snif RFI curiosity
-
http://www.securityfocus.com/bid/21378
Jump to