Vulnerability Description
Unspecified vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter, possibly related to fopen function calls or file uploads. NOTE: post-disclosure analysis by CVE suggests that the "page" parameter is not used in this product, and "id" might be the affected parameter.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juliusz Julas Gonera | Warcraft Iii Replay Parser Php | 1.8c |
References
- http://www.securityfocus.com/archive/1/429535/100/0/threaded
- http://www.securityfocus.com/bid/17334
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25686
- http://www.securityfocus.com/archive/1/429535/100/0/threaded
- http://www.securityfocus.com/bid/17334
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25686
FAQ
What is CVE-2006-1584?
CVE-2006-1584 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Unspecified vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter, possibly related to fopen funct...
How severe is CVE-2006-1584?
CVE-2006-1584 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1584?
Check the references section above for vendor advisories and patch information. Affected products include: Juliusz Julas Gonera Warcraft Iii Replay Parser Php.