PT-2006-5383 · Mybace · Mybace Light Skrip

Published

2006-09-07

Updated

2018-10-17

CVE-2006-4596

CVSS v2.0

5.1

Medium

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions MyBace Light Skrip (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary PHP code when register globals is enabled. This can be achieved via the hauptverzeichniss parameter in "includes/login check.php" and the template back parameter in "admin/login/content/user daten.php".

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-4596

Affected Products

Mybace Light Skrip

PT-2006-5383 · Mybace · Mybace Light Skrip

CVE-2006-4596

Related Identifiers

Affected Products

References · 8