Vulnerability Details CVE-2006-5183
Multiple PHP remote file inclusion vulnerabilities in Dayfox Designs Dayfox Blog 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the slogin parameter in the (1) adminlog.php, (2) postblog.php, (3) index.php, or (4) index2.php script in /edit.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://securityreason.com/securityalert/1694
- http://www.securityfocus.com/archive/1/447500/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29310
- http://securityreason.com/securityalert/1694
- http://www.securityfocus.com/archive/1/447500/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29310
Products affected by CVE-2006-5183
-
cpe:2.3:a:dayfox_designs:dayfox_blog:2.0