CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-4987

Multiple PHP remote file inclusion vulnerabilities in Patrick Michaelis Wili-CMS allow remote attackers to execute arbitrary PHP code via a URL in the globals[content_dir] parameter in (1) example-view/templates/article.php, (2) example-view/templates/root.php, and (3) example-view/templates/dates_list.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.018

EPSS Ranking 81.7%

CVSS Severity

CVSS v2 Score 7.5

References

http://securityreason.com/securityalert/1633
http://www.securityfocus.com/archive/1/446575/100/0/threaded
http://www.securityfocus.com/bid/20134
https://exchange.xforce.ibmcloud.com/vulnerabilities/29101
http://securityreason.com/securityalert/1633
http://www.securityfocus.com/archive/1/446575/100/0/threaded
http://www.securityfocus.com/bid/20134
https://exchange.xforce.ibmcloud.com/vulnerabilities/29101

Products affected by CVE-2006-4987

Patrick Michaelis » Wili-Cms » Version: 0.1.1

cpe:2.3:a:patrick_michaelis:wili-cms:0.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-4987

Products

Pricing

Contact Us