CVE-2006-5733
PostNuke 0.763 - 'PNSV lang' Remote Code Execution
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Directory traversal vulnerability in error.php in PostNuke 0.763 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the PNSVlang (PNSV lang) cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by error.php.
Vulnerabilidad de escalado de directorio en error.php en PostNuke 0.7.63 y anteriores permite a atacantes remotos incluir y ejecutar archivos locales de su elección mediante un .. (punto punto) en la cookie PNSVlang (PNSV lang), como ha sido demostrado inyectando secuencias PHP en el archivo de registro del Servidor HTTP Apache, que luego es incluido por error.php.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2006-11-06 CVE Reserved
- 2006-11-06 CVE Published
- 2024-02-10 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://community.postnuke.com/Article2787.htm | X_refsource_confirm | |
| http://secunia.com/advisories/22983 | Third Party Advisory | |
| http://www.securityfocus.com/bid/21218 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29992 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/2707 | 2024-08-07 | |
| http://www.securityfocus.com/bid/20897 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Postnuke Software Foundation Search vendor "Postnuke Software Foundation" | Postnuke Search vendor "Postnuke Software Foundation" for product "Postnuke" | <= 0.763 Search vendor "Postnuke Software Foundation" for product "Postnuke" and version " <= 0.763" | - |
Affected
| ||||||
| Postnuke Software Foundation Search vendor "Postnuke Software Foundation" | Postnuke Search vendor "Postnuke Software Foundation" for product "Postnuke" | 0.762 Search vendor "Postnuke Software Foundation" for product "Postnuke" and version "0.762" | - |
Affected
| ||||||