Vulnerability Details CVE-2006-4115
PHP remote file inclusion vulnerability in common.inc.php in PgMarket 2.2.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the CFG[libdir] parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.026
EPSS Ranking 84.9%
CVSS Severity
CVSS v2 Score 5.1
References
- http://securityreason.com/securityalert/1375
- http://www.securityfocus.com/archive/1/442684/100/0/threaded
- http://www.securityfocus.com/bid/19439
- http://www.vupen.com/english/advisories/2006/3240
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28290
- http://securityreason.com/securityalert/1375
- http://www.securityfocus.com/archive/1/442684/100/0/threaded
- http://www.securityfocus.com/bid/19439
- http://www.vupen.com/english/advisories/2006/3240
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28290
Products affected by CVE-2006-4115
-
cpe:2.3:a:e-zest_solutions:pgmarket:2.2.3