CVE-2006-3053

** DISPUTED ** PHP remote file inclusion vulnerability in common.php in PHORUM 5.1.13 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHORUM[http_path] parameter. NOTE: this issue has been disputed by the vendor, who states "common.php is checked on the very first line of non-comment code that it is not being called directly. It has been this way in all 5.x version of Phorum." CVE analysis concurs with the vendor.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/16977	Exploit
http://securityreason.com/securityalert/1103
https://exchange.xforce.ibmcloud.com/vulnerabilities/27064
http://www.securityfocus.com/archive/1/437988/100/0/threaded
http://www.securityfocus.com/archive/1/436863/100/0/threaded

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:phorum:phorum:3.1:::::::*
	cpe:2.3:a:phorum:phorum:3.2.2:::::::*
	cpe:2.3:a:phorum:phorum:3.2.3:::::::*
	cpe:2.3:a:phorum:phorum:3.3.1:::::::*
	cpe:2.3:a:phorum:phorum:3.3.1a:::::::*
	cpe:2.3:a:phorum:phorum:3.4.3:::::::*
	cpe:2.3:a:phorum:phorum:3.4.4:::::::*
	cpe:2.3:a:phorum:phorum:5.0.11:::::::*
	cpe:2.3:a:phorum:phorum:5.0.12:::::::*
	cpe:2.3:a:phorum:phorum:5.0.7_beta:::::::*
	cpe:2.3:a:phorum:phorum:5.0.9:::::::*
	cpe:2.3:a:phorum:phorum:5.0.15a:::::::*
	cpe:2.3:a:phorum:phorum:3.2.7:::::::*
	cpe:2.3:a:phorum:phorum:3.2.8:::::::*
	cpe:2.3:a:phorum:phorum:5.0.17a:::::::*
	cpe:2.3:a:phorum:phorum:3.4:::::::*
	cpe:2.3:a:phorum:phorum:3.1.1_rc2:::::::*
	cpe:2.3:a:phorum:phorum:5.0.18:::::::*
	cpe:2.3:a:phorum:phorum:3.1.1a:::::::*
	cpe:2.3:a:phorum:phorum:3.4.8a:::::::*
	cpe:2.3:a:phorum:phorum:3.2.5:::::::*
	cpe:2.3:a:phorum:phorum:3.2:::::::*
	cpe:2.3:a:phorum:phorum:5.0.16:::::::*
	cpe:2.3:a:phorum:phorum:5.0.10:::::::*
	cpe:2.3:a:phorum:phorum:3.1.2:::::::*
	cpe:2.3:a:phorum:phorum:3.4.2:::::::*
	cpe:2.3:a:phorum:phorum:3.4.1:::::::*
	cpe:2.3:a:phorum:phorum:3.4.7:::::::*
	cpe:2.3:a:phorum:phorum:5.0.3_beta:::::::*
	cpe:2.3:a:phorum:phorum:3.4.8:::::::*
	cpe:2.3:a:phorum:phorum:3.2.4:::::::*
	cpe:2.3:a:phorum:phorum:3.3.2b3:::::::*
	cpe:2.3:a:phorum:phorum:3.2.6:::::::*
	cpe:2.3:a:phorum:phorum:3.1.1_pre:::::::*
	cpe:2.3:a:phorum:phorum:3.4.6:::::::*
	cpe:2.3:a:phorum:phorum:3.1.1:::::::*
	cpe:2.3:a:phorum:phorum:3.3.2:::::::*
	cpe:2.3:a:phorum:phorum:3.4.5:::::::*
	cpe:2.3:a:phorum:phorum:3.2.3a:::::::*
	cpe:2.3:a:phorum:phorum::::::::
	cpe:2.3:a:phorum:phorum:5.0.14:::::::*
	cpe:2.3:a:phorum:phorum:5.0.13:::::::*
	cpe:2.3:a:phorum:phorum:3.2.3b:::::::*
	cpe:2.3:a:phorum:phorum:3.3.2a:::::::*

Information

Published : 2006-06-16 03:02

Updated : 2018-10-18 09:45

NVD link : CVE-2006-3053

Mitre link : CVE-2006-3053

JSON object : View

CWE

NVD-CWE-Other

Products Affected

phorum

phorum

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/16977", "name": "16977", "tags": ["Exploit"], "refsource": "BID"}, {"url": "http://securityreason.com/securityalert/1103", "name": "1103", "tags": [], "refsource": "SREASON"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27064", "name": "phorum-common-file-include(27064)", "tags": [], "refsource": "XF"}, {"url": "http://www.securityfocus.com/archive/1/437988/100/0/threaded", "name": "20060619 Re: # MHG Security Team --- PHORUM 5.1.13 Remote File Inc.", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/436863/100/0/threaded", "name": "20060611 # MHG Security Team --- PHORUM 5.1.13 Remote File Inc.", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "** DISPUTED ** PHP remote file inclusion vulnerability in common.php in PHORUM 5.1.13 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHORUM[http_path] parameter. NOTE: this issue has been disputed by the vendor, who states \"common.php is checked on the very first line of non-comment code that it is not being called directly. It has been this way in all 5.x version of Phorum.\" CVE analysis concurs with the vendor."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-3053", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2006-06-16T10:02Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.3.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.4.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:5.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:5.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:5.0.7_beta:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:5.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:5.0.15a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:5.0.17a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.1.1_rc2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:5.0.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.1.1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.4.8a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:5.0.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:5.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.4.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:5.0.3_beta:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.4.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.3.2b3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.1.1_pre:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.4.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.4.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.2.3a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "5.1.13"}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:5.0.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:5.0.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.2.3b:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:phorum:phorum:3.3.2a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-18T16:45Z"}

7.5 /10