CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-1602

PHP remote file inclusion vulnerability in includes/functions_common.php in the VWar Account module (vWar_Account) in PHPNuke Clan 3.0.1 allows remote attackers to include arbitrary files via a URL in the vwar_root2 parameter. NOTE: it is possible that this issue stems from a problem in VWar itself, but this is not clear.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 78.1%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/19501
http://www.osvdb.org/24481
http://www.securityfocus.com/archive/1/429615/100/0/threaded
http://www.securityfocus.com/bid/17356
http://www.vupen.com/english/advisories/2006/1202
https://exchange.xforce.ibmcloud.com/vulnerabilities/25609
http://secunia.com/advisories/19501
http://www.osvdb.org/24481
http://www.securityfocus.com/archive/1/429615/100/0/threaded
http://www.securityfocus.com/bid/17356
http://www.vupen.com/english/advisories/2006/1202
https://exchange.xforce.ibmcloud.com/vulnerabilities/25609

Products affected by CVE-2006-1602

Phpnuke-Clan » Phpnuke-Clan » Version: 3.0.1

cpe:2.3:a:phpnuke-clan:phpnuke-clan:3.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-1602

Products

Pricing

Contact Us