CVE-2006-0810

Unspecified vulnerability in config.php in Skate Board 0.9 allows remote authenticated administrators to execute arbitrary PHP code by causing certain variables in config.php to be modified, possibly due to XSS or direct static code injection.

CVSS v2.0 3.5 LOW

3.5^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:M/Au:S/C:N/I:P/A:N

Exploitability : 6.8 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://evuln.com/vulns/84/summary.html	Vendor Advisory
http://www.osvdb.org/23304
http://secunia.com/advisories/18978
http://www.securityfocus.com/archive/1/426658/30/0/threaded
http://www.securityfocus.com/bid/16936
http://securityreason.com/securityalert/540
https://exchange.xforce.ibmcloud.com/vulnerabilities/24780

Configurations

Configuration 1 (hide)

cpe:2.3:a:skate_board:skate_board:0.9:*:*:*:*:*:*:*

Information

Published : 2006-02-20 18:02

Updated : 2017-07-19 18:30

NVD link : CVE-2006-0810

Mitre link : CVE-2006-0810

JSON object : View

CWE

NVD-CWE-Other

Products Affected

skate_board

skate_board

3.5 /10