Vulnerability Details CVE-2006-5473
PHP remote file inclusion vulnerability in Description.php in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via the lib_dir parameter. NOTE: this issue is disputed by CVE as of 20061023, since there is no Description.php file included in the product, and the existing "Description" file contains documentation, not functioning code
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://attrition.org/pipermail/vim/2006-October/001090.html
- http://securityreason.com/securityalert/1763
- http://www.attrition.org/pipermail/vim/2006-October/001094.html
- http://www.securityfocus.com/archive/1/449355/100/0/threaded
- http://attrition.org/pipermail/vim/2006-October/001090.html
- http://securityreason.com/securityalert/1763
- http://www.attrition.org/pipermail/vim/2006-October/001094.html
- http://www.securityfocus.com/archive/1/449355/100/0/threaded
Products affected by CVE-2006-5473
-
cpe:2.3:a:softerra:php_developer_library:*