CVE-2006-7181 — HIGH (10.0)

Q: How severe is CVE-2006-7181?

CVE-2006-7181 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2006-7181?

Check the references section above for vendor advisories and patch information. Affected products include: Morcego Cms Morcego Cms.

Vulnerability Description

Multiple PHP remote file inclusion vulnerabilities in Morcego CMS 0.9.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) fichero parameter to morcegoCMS.php or the (2) path parameter to adodb/adodb.inc.php. NOTE: vector 1 has been disputed by a third party who shows that $fichero can not be controlled by an attacker

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Morcego Cms	Morcego Cms	<= 0.9.6

Related Weaknesses (CWE)

CWE-94

References

FAQ

What is CVE-2006-7181?

CVE-2006-7181 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple PHP remote file inclusion vulnerabilities in Morcego CMS 0.9.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) fichero parameter to morcegoCMS.php or the...

How severe is CVE-2006-7181?

CVE-2006-7181 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-7181?

Check the references section above for vendor advisories and patch information. Affected products include: Morcego Cms Morcego Cms.