Vulnerability Details CVE-2006-1599
Unspecified vulnerability in VCEngine.php in v-creator before 1.3-pre3, when the VC_CRYPTO_METHOD option is OPENSSL, allows remote attackers to execute arbitrary commands, possibly due to problems in the (1) encrypt and (2) decrypt functions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/19453
- http://sourceforge.net/forum/forum.php?forum_id=557129
- http://www.osvdb.org/24304
- http://www.securityfocus.com/bid/17328
- http://www.vupen.com/english/advisories/2006/1189
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25560
- https://sourceforge.net/p/vcreator/news/2006/03/v-creator-v13-pre3-released/
- http://secunia.com/advisories/19453
- http://sourceforge.net/forum/forum.php?forum_id=557129
- http://www.osvdb.org/24304
- http://www.securityfocus.com/bid/17328
- http://www.vupen.com/english/advisories/2006/1189
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25560
- https://sourceforge.net/p/vcreator/news/2006/03/v-creator-v13-pre3-released/
Products affected by CVE-2006-1599
-
cpe:2.3:a:v-creator.com:v-creator:1.3_pre2