Vulnerability Description
PHP remote file include vulnerability in index.php in SMartBlog (aka SMBlog) 1.2 allows remote attackers to include and execute arbitrary PHP files via (1) the pg parameter and (2) a query string without a parameter.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Smartblog | Smartblog | 1.2 |
References
- http://www.securityfocus.com/archive/1/426498/100/0/threaded
- http://www.securityfocus.com/bid/16905
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25220
- http://www.securityfocus.com/archive/1/426498/100/0/threaded
- http://www.securityfocus.com/bid/16905
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25220
FAQ
What is CVE-2006-1013?
CVE-2006-1013 is a vulnerability with a CVSS score of 7.5 (HIGH). PHP remote file include vulnerability in index.php in SMartBlog (aka SMBlog) 1.2 allows remote attackers to include and execute arbitrary PHP files via (1) the pg parameter and (2) a query string with...
How severe is CVE-2006-1013?
CVE-2006-1013 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1013?
Check the references section above for vendor advisories and patch information. Affected products include: Smartblog Smartblog.