CVE-2006-4782 - Vulnerability Details - OpenCVE

src/index.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication and gain sensitive information stored in the database via a modified userID parameter in a write action to admin/database.php.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.08832.

Key SSVC decision points have not yet been added.

Vendors	Products
Webspell	Webspell

Configuration 1 [-]

OR	cpe:2.3:a:webspell:webspell::::::::
	cpe:2.3:a:webspell:webspell:4.0:::::::*
	cpe:2.3:a:webspell:webspell:4.1:::::::*
	cpe:2.3:a:webspell:webspell:4.1.1:::::::*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2006-4769	src/index.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication and gain sensitive information stored in the database via a modified userID parameter in a write action to admin/database.php.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://cms.webspell.org/index.php?site=files&file=15
http://secunia.com/advisories/21881
http://www.securityfocus.com/bid/19975
http://www.vupen.com/english/advisories/2006/3572
https://exchange.xforce.ibmcloud.com/vulnerabilities/28896
https://www.exploit-db.com/exploits/2352

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-09-14T10:00:00

Updated: 2024-08-07T19:23:41.148Z

Reserved: 2006-09-13T00:00:00

Link: CVE-2006-4782

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-09-14T10:07:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2006-4782

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-09-12T00:00:00", "descriptions": [{"lang": "en", "value": "src/index.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication and gain sensitive information stored in the database via a modified userID parameter in a write action to admin/database.php."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-18T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "webspell-login-authentication-bypass(28896)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28896"}, {"name": "21881", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21881"}, {"name": "2352", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/2352"}, {"name": "19975", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/19975"}, {"name": "ADV-2006-3572", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/3572"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://cms.webspell.org/index.php?site=files&file=15"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4782", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "src/index.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication and gain sensitive information stored in the database via a modified userID parameter in a write action to admin/database.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "webspell-login-authentication-bypass(28896)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28896"}, {"name": "21881", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21881"}, {"name": "2352", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/2352"}, {"name": "19975", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19975"}, {"name": "ADV-2006-3572", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3572"}, {"name": "http://cms.webspell.org/index.php?site=files&file=15", "refsource": "CONFIRM", "url": "http://cms.webspell.org/index.php?site=files&file=15"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T19:23:41.148Z"}, "title": "CVE Program Container", "references": [{"name": "webspell-login-authentication-bypass(28896)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28896"}, {"name": "21881", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21881"}, {"name": "2352", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/2352"}, {"name": "19975", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/19975"}, {"name": "ADV-2006-3572", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/3572"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://cms.webspell.org/index.php?site=files&file=15"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4782", "datePublished": "2006-09-14T10:00:00", "dateReserved": "2006-09-13T00:00:00", "dateUpdated": "2024-08-07T19:23:41.148Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:webspell:webspell:*:*:*:*:*:*:*:*", "matchCriteriaId": "D2D5A0A0-990E-40DF-AF8B-14171FE1447C", "versionEndIncluding": "4.01.01", "vulnerable": true}, {"criteria": "cpe:2.3:a:webspell:webspell:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "8511CDAC-8292-4696-A0BE-7DC321CF6500", "vulnerable": true}, {"criteria": "cpe:2.3:a:webspell:webspell:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "37CE7D68-2638-4ED7-AFA5-8B9FC398B5CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:webspell:webspell:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F5B8975-C514-457E-95FE-84FF3C44275F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "src/index.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication and gain sensitive information stored in the database via a modified userID parameter in a write action to admin/database.php."}, {"lang": "es", "value": "src/index.php en WebSPELL 4.01.01 y anteriores, cuando register_globals est\u00e1 habilitado, permite a atacantes remotos evitar la autenticaci\u00f3n y obtener informaci\u00f3n sensible almacenada en la base de datos, mediante un par\u00e1metro userID modificado en una operaci\u00f3n de escritura en admin/database.php."}], "evaluatorSolution": "Successful exploitation requires that \"register_globals\" is enabled.", "id": "CVE-2006-4782", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.4, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-09-14T10:07:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://cms.webspell.org/index.php?site=files&file=15"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/21881"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch"], "url": "http://www.securityfocus.com/bid/19975"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/3572"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28896"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/2352"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://cms.webspell.org/index.php?site=files&file=15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/21881"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://www.securityfocus.com/bid/19975"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/3572"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28896"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/2352"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}