CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-4738

PHP remote file inclusion vulnerability in phpthumb.php in Jetbox CMS allows remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter. NOTE: The relative_script_path vector is already covered by CVE-2006-2270.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.3%

CVSS Severity

CVSS v2 Score 7.5

References

http://securityreason.com/securityalert/1562
http://www.securityfocus.com/archive/1/445652/100/0/threaded
http://www.securityfocus.com/bid/19303
https://exchange.xforce.ibmcloud.com/vulnerabilities/28843
http://securityreason.com/securityalert/1562
http://www.securityfocus.com/archive/1/445652/100/0/threaded
http://www.securityfocus.com/bid/19303
https://exchange.xforce.ibmcloud.com/vulnerabilities/28843

Products affected by CVE-2006-4738

Jetbox » Jetbox Cms » Version: 2.1_sr1

cpe:2.3:a:jetbox:jetbox_cms:2.1_sr1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-4738

Products

Pricing

Contact Us