CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-6167

Multiple PHP remote file inclusion vulnerabilities in L. Brandon Stone and Nathanial P. Hendler Active PHP Bookmarks (APB) 1.1.02 allow remote attackers to execute arbitrary PHP code via a URL in the APB_SETTINGS['apb_path'] parameter in (1) apb_common.php or (2) apb.php. NOTE: CVE and another third party dispute this vulnerability because these PHP scripts exit if the attack vectors are present in GPC variables

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 77.2%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.osvdb.org/31956
http://www.securityfocus.com/archive/1/452490/100/0/threaded
http://www.securityfocus.com/archive/1/452559/100/0/threaded
http://www.securityfocus.com/bid/21263
http://www.securityfocus.com/bid/23670
https://exchange.xforce.ibmcloud.com/vulnerabilities/30518
http://www.osvdb.org/31956
http://www.securityfocus.com/archive/1/452490/100/0/threaded
http://www.securityfocus.com/archive/1/452559/100/0/threaded
http://www.securityfocus.com/bid/21263
http://www.securityfocus.com/bid/23670
https://exchange.xforce.ibmcloud.com/vulnerabilities/30518

Products affected by CVE-2006-6167

Active Php Bookmarks » Active Php Bookmarks » Version: 1.1.02

cpe:2.3:a:active_php_bookmarks:active_php_bookmarks:1.1.02

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-6167

Products

Pricing

Contact Us