CVE-2006-3690
Mambo Component MiniBB 1.5a - Remote File Inclusion
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) components/com_minibb.php or (2) components/minibb/index.php.
Vulnerabilidades de inclusión remota de archivo en PHP en MiniBB Forum 1.5a y anteriores permite a atacantes remotoso ejecutar código PHP de su elección a través de una URL en el parámetro absolute_path en (1) components/com_minibb.php o (2) components/minibb/index.php.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2006-07-18 CVE Reserved
- 2006-07-18 CVE Published
- 2023-09-13 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://advisories.echo.or.id/adv/adv39-matdhule-2006.txt | X_refsource_misc | |
| http://securityreason.com/securityalert/1245 | Third Party Advisory | |
| http://securitytracker.com/id?1016507 | Vdb Entry | |
| http://www.osvdb.org/28594 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/440132/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/18998 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/27749 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/2030 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|