CVE-2006-4920

Loading...

General

Score:7.5/10.0
Severity:High
Category:N/A
Exploit:Available

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 21/09/06 - Updated on 19/10/17

Description

Multiple PHP remote file inclusion vulnerabilities in Site@School (S@S) 2.4.02 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter to (1) starnet/modules/sn_allbum/slideshow.php, and (2) starnet/themes/editable/main.inc.php.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2006-4920

Exploits

Exploit-DBEDB-2374
SecurityFocusBID-20053

Relative technologies

VendorProduct
siteatschoolsiteatschool

Share this vulnerability with:

Twitter Facebook LinkedIn Mail