Vulnerability Details CVE-2006-4061
PHP remote file inclusion vulnerability in index.php in Thomas Pequet phpPrintAnalyzer 1.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the rep_par_rapport_racine parameter. NOTE: this issue has been disputed by third party researchers, stating that the rep_par_rapport_racine variable is initialized before use
Exploit prediction scoring system (EPSS) score
EPSS Score 0.039
EPSS Ranking 87.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2006-08/0305.html
- http://securitytracker.com/id?1016652
- http://www.osvdb.org/29133
- http://www.securityfocus.com/archive/1/442492/100/0/threaded
- http://www.securityfocus.com/bid/19397
- http://archives.neohapsis.com/archives/bugtraq/2006-08/0305.html
- http://securitytracker.com/id?1016652
- http://www.osvdb.org/29133
- http://www.securityfocus.com/archive/1/442492/100/0/threaded
- http://www.securityfocus.com/bid/19397
Products affected by CVE-2006-4061
-
cpe:2.3:a:thomas_pequet:phpprintanalyzer:1.1