CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-2682

PHP remote file inclusion vulnerability in BE_config.php in Back-End CMS 0.7.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _PSL[classdir] parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.025

EPSS Ranking 84.8%

CVSS Severity

CVSS v2 Score 6.4

References

http://secunia.com/advisories/20292
http://www.vupen.com/english/advisories/2006/1979
https://exchange.xforce.ibmcloud.com/vulnerabilities/26699
https://www.exploit-db.com/exploits/1825
http://secunia.com/advisories/20292
http://www.vupen.com/english/advisories/2006/1979
https://exchange.xforce.ibmcloud.com/vulnerabilities/26699
https://www.exploit-db.com/exploits/1825

Products affected by CVE-2006-2682

Back-End » Back-End Cms » Version: 0.7.2.1

cpe:2.3:a:back-end:back-end_cms:0.7.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-2682

Products

Pricing

Contact Us