PT-2006-5873 · A-Blog 2 · A-Blog 2

V1Per-Hacker

Publicado

2006-10-02

Atualizado

2017-10-19

CVE-2006-5135

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions A-Blog 2 (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary PHP code via specific parameters in various PHP files. The vulnerable parameters include open box, middle box, and close box in sources/myaccount.php, navigation end in navigation/search.php and navigation/donation.php, and navigation start and navigation middle in navigation/donation.php, navigation/latestnews.php, and navigation/links.php.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-5135

Produtos afetados

A-Blog 2

PT-2006-5873 · A-Blog 2 · A-Blog 2

CVE-2006-5135

Identificadores relacionados

Produtos afetados

Referências · 4