Vulnerability Description
Directory traversal vulnerability in include.php in Noah's Classifieds 1.3 allows remote attackers to include arbitrary local files via the otherTemplate parameter to index.php.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phpoutsourcing | Noahs Classifieds | 1.2 |
References
- http://securitytracker.com/id?1015667
- http://www.kapda.ir/advisory-268.htmlExploitVendor Advisory
- http://www.securityfocus.com/archive/1/425783/100/0/threaded
- http://www.securityfocus.com/bid/16778Exploit
- http://www.vupen.com/english/advisories/2006/0703
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24900
- http://securitytracker.com/id?1015667
- http://www.kapda.ir/advisory-268.htmlExploitVendor Advisory
- http://www.securityfocus.com/archive/1/425783/100/0/threaded
- http://www.securityfocus.com/bid/16778Exploit
- http://www.vupen.com/english/advisories/2006/0703
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24900
FAQ
What is CVE-2006-0882?
CVE-2006-0882 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Directory traversal vulnerability in include.php in Noah's Classifieds 1.3 allows remote attackers to include arbitrary local files via the otherTemplate parameter to index.php.
How severe is CVE-2006-0882?
CVE-2006-0882 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0882?
Check the references section above for vendor advisories and patch information. Affected products include: Phpoutsourcing Noahs Classifieds.