Vulnerability Details CVE-2006-1636
PHP remote file inclusion vulnerability in get_header.php in VWar 1.5.0 R12 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwar_root parameter. NOTE: this is a different vulnerability than CVE-2006-1503.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 82.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://downloads.securityfocus.com/vulnerabilities/exploits/VWar_1.5.0_R12.pl
- http://secunia.com/advisories/19524
- http://www.osvdb.org/24480
- http://www.securityfocus.com/archive/1/429742/100/0/threaded
- http://www.securityfocus.com/bid/17358
- http://www.vupen.com/english/advisories/2006/1228
- http://downloads.securityfocus.com/vulnerabilities/exploits/VWar_1.5.0_R12.pl
- http://secunia.com/advisories/19524
- http://www.osvdb.org/24480
- http://www.securityfocus.com/archive/1/429742/100/0/threaded
- http://www.securityfocus.com/bid/17358
- http://www.vupen.com/english/advisories/2006/1228
Products affected by CVE-2006-1636
-
cpe:2.3:a:vwar:virtual_war:1.0.0
-
cpe:2.3:a:vwar:virtual_war:1.0.1
-
cpe:2.3:a:vwar:virtual_war:1.0.2
-
cpe:2.3:a:vwar:virtual_war:1.0.3
-
cpe:2.3:a:vwar:virtual_war:1.0.4
-
cpe:2.3:a:vwar:virtual_war:1.0.5
-
cpe:2.3:a:vwar:virtual_war:1.0.6
-
cpe:2.3:a:vwar:virtual_war:1.0.7
-
cpe:2.3:a:vwar:virtual_war:1.0.8
-
cpe:2.3:a:vwar:virtual_war:1.0.9
-
cpe:2.3:a:vwar:virtual_war:1.1.0
-
cpe:2.3:a:vwar:virtual_war:1.1.1
-
cpe:2.3:a:vwar:virtual_war:1.1.2
-
cpe:2.3:a:vwar:virtual_war:1.1.3
-
cpe:2.3:a:vwar:virtual_war:1.1.4
-
cpe:2.3:a:vwar:virtual_war:1.1.5
-
cpe:2.3:a:vwar:virtual_war:1.1.6
-
cpe:2.3:a:vwar:virtual_war:1.1.7
-
cpe:2.3:a:vwar:virtual_war:1.1.8
-
cpe:2.3:a:vwar:virtual_war:1.2.0
-
cpe:2.3:a:vwar:virtual_war:1.2.1
-
cpe:2.3:a:vwar:virtual_war:1.2.2
-
cpe:2.3:a:vwar:virtual_war:1.3
-
cpe:2.3:a:vwar:virtual_war:1.4
-
cpe:2.3:a:vwar:virtual_war:1.5
-
cpe:2.3:a:vwar:virtual_war:1.5.0_r1
-
cpe:2.3:a:vwar:virtual_war:1.5.0_r10
-
cpe:2.3:a:vwar:virtual_war:1.5.0_r11
-
cpe:2.3:a:vwar:virtual_war:1.5.0_r12
-
cpe:2.3:a:vwar:virtual_war:1.5.0_r2
-
cpe:2.3:a:vwar:virtual_war:1.5.0_r3
-
cpe:2.3:a:vwar:virtual_war:1.5.0_r4
-
cpe:2.3:a:vwar:virtual_war:1.5.0_r5
-
cpe:2.3:a:vwar:virtual_war:1.5.0_r6
-
cpe:2.3:a:vwar:virtual_war:1.5.0_r7
-
cpe:2.3:a:vwar:virtual_war:1.5.0_r8
-
cpe:2.3:a:vwar:virtual_war:1.5.0_r9