Vulnerability Details CVE-2006-5148
Multiple PHP remote file inclusion vulnerabilities in Forum82 2.5.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertorylevel parameter including scripts in /forum/ including (1) search.php, (2) message.php, (3) member.php, (4) mail.php, (5) lostpassword.php, (6) gesfil.php, (7) forum82lib.php3, and other unspecified scripts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.037
EPSS Ranking 87.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/22214
- http://www.securityfocus.com/bid/20291
- http://www.vupen.com/english/advisories/2006/3865
- https://www.exploit-db.com/exploits/2459
- http://secunia.com/advisories/22214
- http://www.securityfocus.com/bid/20291
- http://www.vupen.com/english/advisories/2006/3865
- https://www.exploit-db.com/exploits/2459