CVSS: 7.5EPSS: 9%CPEs: 1EXPL: 3CVE-2006-6958 – PHP Blue Dragon CMS 2.9.1 - Multiple Remote File Inclusions
https://notcve.org/view.php?id=CVE-2006-6958
Multiple PHP remote file inclusion vulnerabilities in phpBlueDragon 2.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter to (1) team_admin.php, (2) rss_admin.php, (3) manual_admin.php, and (4) forum_admin.php in includes/root_modules/, a different set of vectors than CVE-2006-3076. Múltiples vulnerabilidades de inclusión remota de archivo en PHP en phpBlueDragon 2.9.1 permiten a atacantes remotos ejecutar código PHP de su elección mediante una URL en el parámetro vsDragonRootPath de (1) team_admin.php, (2) rss_admin.php, (3) manual_admin.php, y (4) forum_admin.php en includes/root_modules/, un juego de vectores distinto de CVE-2006-3076. • https://www.exploit-db.com/exploits/28098 http://packetstormsecurity.org/0606-exploits/phpbluedragon-2.txt http://securityreason.com/securityalert/2193 http://www.osvdb.org/27676 http://www.osvdb.org/27677 http://www.osvdb.org/27678 http://www.osvdb.org/27679 http://www.securityfocus.com/archive/1/438238/100/100/threaded http://www.securityfocus.com/bid/18609 https://exchange.xforce.ibmcloud.com/vulnerabilities/27152 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.4EPSS: 2%CPEs: 1EXPL: 2CVE-2006-3076 – PHP Blue Dragon CMS 2.9.1 - 'template.php' File Inclusion
https://notcve.org/view.php?id=CVE-2006-3076
PHP remote file inclusion vulnerability in software_upload/public_includes/pub_templates/vphptree/template.php in PhpBlueDragon CMS 2.9.1 allows remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter. Vulnerabilidad de inclusión remota de archivo PHP en software_upload/public_includes/pub_templates/vphptree/template.php en PhpBlueDragon CMS v2.9.1, permite a atacantes remotos ejecutar código PHP de su elección a través de la URL en el parámetro vsDragonRootPath. • https://www.exploit-db.com/exploits/1913 http://securityreason.com/securityalert/1109 http://www.securityfocus.com/archive/1/437130/100/0/threaded http://www.securityfocus.com/bid/18440 https://exchange.xforce.ibmcloud.com/vulnerabilities/27152 •