CVE-2006-3019 - OpenCVE

Multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPCMS_INCLUDEPATH parameter to files in parser/include/ including (1) class.parser_phpcms.php, (2) class.session_phpcms.php, (3) class.edit_phpcms.php, (4) class.http_indexer_phpcms.php, (5) class.cache_phpcms.php, (6) class.search_phpcms.php, (7) class.lib_indexer_universal_phpcms.php, and (8) class.layout_phpcms.php, (9) parser/plugs/counter.php, and (10) parser/parser.php. NOTE: the class.cache_phpcms.php vector was also reported to affect 1.1.7.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Phpcms	Phpcms

Configuration 1 [-]

cpe:2.3:a:phpcms:phpcms:1.2.1_p12:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://secunia.com/advisories/20573
http://securityreason.com/securityalert/1106
http://www.osvdb.org/26388
http://www.osvdb.org/26389
http://www.osvdb.org/26390
http://www.osvdb.org/26391
http://www.osvdb.org/26392
http://www.osvdb.org/26393
http://www.osvdb.org/26394
http://www.osvdb.org/26395
http://www.osvdb.org/26396
http://www.osvdb.org/26397
http://www.securityfocus.com/archive/1/436893/100/0/threaded
http://www.securityfocus.com/archive/1/455302/100/0/threaded
http://www.securityfocus.com/bid/21768
http://www.vupen.com/english/advisories/2006/2302
https://exchange.xforce.ibmcloud.com/vulnerabilities/27067

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-06-15T10:00:00

Updated: 2024-08-07T18:16:04.599Z

Reserved: 2006-06-15T00:00:00

Link: CVE-2006-3019

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-06-15T10:02:00.000

Modified: 2018-10-18T16:45:11.953

Link: CVE-2006-3019

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-06-12T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPCMS_INCLUDEPATH parameter to files in parser/include/ including (1) class.parser_phpcms.php, (2) class.session_phpcms.php, (3) class.edit_phpcms.php, (4) class.http_indexer_phpcms.php, (5) class.cache_phpcms.php, (6) class.search_phpcms.php, (7) class.lib_indexer_universal_phpcms.php, and (8) class.layout_phpcms.php, (9) parser/plugs/counter.php, and (10) parser/parser.php. NOTE: the class.cache_phpcms.php vector was also reported to affect 1.1.7."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20573", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20573"}, {"name": "1106", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/1106"}, {"name": "26394", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/26394"}, {"name": "26396", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/26396"}, {"name": "phpcms-includepath-file-include(27067)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27067"}, {"name": "26395", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/26395"}, {"name": "26397", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/26397"}, {"name": "ADV-2006-2302", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/2302"}, {"name": "20061224 phpcms <=- 1.1.7 Remote File Inclusion", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/455302/100/0/threaded"}, {"name": "20060612 [FSA013] phpCMS 1.2.1pl2, Remote command execution", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/436893/100/0/threaded"}, {"name": "26391", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/26391"}, {"name": "26390", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/26390"}, {"name": "21768", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21768"}, {"name": "26389", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/26389"}, {"name": "26392", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/26392"}, {"name": "26388", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/26388"}, {"name": "26393", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/26393"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-3019", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPCMS_INCLUDEPATH parameter to files in parser/include/ including (1) class.parser_phpcms.php, (2) class.session_phpcms.php, (3) class.edit_phpcms.php, (4) class.http_indexer_phpcms.php, (5) class.cache_phpcms.php, (6) class.search_phpcms.php, (7) class.lib_indexer_universal_phpcms.php, and (8) class.layout_phpcms.php, (9) parser/plugs/counter.php, and (10) parser/parser.php. NOTE: the class.cache_phpcms.php vector was also reported to affect 1.1.7."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20573", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20573"}, {"name": "1106", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/1106"}, {"name": "26394", "refsource": "OSVDB", "url": "http://www.osvdb.org/26394"}, {"name": "26396", "refsource": "OSVDB", "url": "http://www.osvdb.org/26396"}, {"name": "phpcms-includepath-file-include(27067)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27067"}, {"name": "26395", "refsource": "OSVDB", "url": "http://www.osvdb.org/26395"}, {"name": "26397", "refsource": "OSVDB", "url": "http://www.osvdb.org/26397"}, {"name": "ADV-2006-2302", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2302"}, {"name": "20061224 phpcms <=- 1.1.7 Remote File Inclusion", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/455302/100/0/threaded"}, {"name": "20060612 [FSA013] phpCMS 1.2.1pl2, Remote command execution", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/436893/100/0/threaded"}, {"name": "26391", "refsource": "OSVDB", "url": "http://www.osvdb.org/26391"}, {"name": "26390", "refsource": "OSVDB", "url": "http://www.osvdb.org/26390"}, {"name": "21768", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21768"}, {"name": "26389", "refsource": "OSVDB", "url": "http://www.osvdb.org/26389"}, {"name": "26392", "refsource": "OSVDB", "url": "http://www.osvdb.org/26392"}, {"name": "26388", "refsource": "OSVDB", "url": "http://www.osvdb.org/26388"}, {"name": "26393", "refsource": "OSVDB", "url": "http://www.osvdb.org/26393"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T18:16:04.599Z"}, "title": "CVE Program Container", "references": [{"name": "20573", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20573"}, {"name": "1106", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/1106"}, {"name": "26394", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/26394"}, {"name": "26396", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/26396"}, {"name": "phpcms-includepath-file-include(27067)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27067"}, {"name": "26395", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/26395"}, {"name": "26397", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/26397"}, {"name": "ADV-2006-2302", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/2302"}, {"name": "20061224 phpcms <=- 1.1.7 Remote File Inclusion", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/455302/100/0/threaded"}, {"name": "20060612 [FSA013] phpCMS 1.2.1pl2, Remote command execution", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/436893/100/0/threaded"}, {"name": "26391", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/26391"}, {"name": "26390", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/26390"}, {"name": "21768", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/21768"}, {"name": "26389", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/26389"}, {"name": "26392", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/26392"}, {"name": "26388", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/26388"}, {"name": "26393", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/26393"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-3019", "datePublished": "2006-06-15T10:00:00", "dateReserved": "2006-06-15T00:00:00", "dateUpdated": "2024-08-07T18:16:04.599Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:phpcms:phpcms:1.2.1_p12:*:*:*:*:*:*:*", "matchCriteriaId": "BAC32A40-EAEC-458E-8A35-C4BCEADFA1BC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPCMS_INCLUDEPATH parameter to files in parser/include/ including (1) class.parser_phpcms.php, (2) class.session_phpcms.php, (3) class.edit_phpcms.php, (4) class.http_indexer_phpcms.php, (5) class.cache_phpcms.php, (6) class.search_phpcms.php, (7) class.lib_indexer_universal_phpcms.php, and (8) class.layout_phpcms.php, (9) parser/plugs/counter.php, and (10) parser/parser.php. NOTE: the class.cache_phpcms.php vector was also reported to affect 1.1.7."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inclusi\u00f3n remota de archivos PHP en phpCMS v1.2.1pl2 permiten a atacantes remotos ejecutar c\u00f3digo PHP de su elecci\u00f3n a trav\u00e9s de una URL en el par\u00e1metro PHPCMS_INCLUDEPATH en los ficheros incluidos en parser/include/ (1) class.parser_phpcms.php, (2) class.session_phpcms.php, (3) class.edit_phpcms.php, (4) class.http_indexer_phpcms.php, (5) class.cache_phpcms.php, (6) class.search_phpcms.php, (7) class.lib_indexer_universal_phpcms.php, y (8) class.layout_phpcms.php, (9) parser/plugs/counter.php, y (10) parser/parser.php. NOTA: El vector class.cache_phpcms.php tambi\u00e9n fue reportado afectando a v1.1.7."}], "id": "CVE-2006-3019", "lastModified": "2018-10-18T16:45:11.953", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-06-15T10:02:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20573"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/1106"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/26388"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/26389"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/26390"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/26391"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/26392"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/26393"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/26394"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/26395"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/26396"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/26397"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/436893/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/455302/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/21768"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/2302"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27067"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}