CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-3040

PHP remote file inclusion vulnerability in talkbox.php in Amr Talkbox allows remote attackers to execute arbitrary PHP code via a URL in the direct parameter. NOTE: this issue has been disputed by CVE, since the $direct variable is set to a static value just before the include statement

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 75.0%

CVSS Severity

CVSS v2 Score 7.5

References

http://securityreason.com/securityalert/1105
http://www.osvdb.org/27455
http://www.securityfocus.com/archive/1/436993/100/0/threaded
http://www.securityfocus.com/archive/1/437266/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/27122
http://securityreason.com/securityalert/1105
http://www.osvdb.org/27455
http://www.securityfocus.com/archive/1/436993/100/0/threaded
http://www.securityfocus.com/archive/1/437266/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/27122

Products affected by CVE-2006-3040

Amr Talkbox » Amr Talkbox » Version: Any

cpe:2.3:a:amr_talkbox:amr_talkbox:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-3040

Products

Pricing

Contact Us