CVE-2006-2811 - OpenCVE

Multiple PHP remote file inclusion vulnerabilities in Cantico Ovidentia 5.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the babInstallPath parameter in (1) index.php, (2) topman.php, (3) approb.php, (4) vacadmb.php, (5) vacadma.php, (6) vacadm.php, (7) statart.php, (8) search.php, (9) posts.php, (10) options.php, (11) login.php, (12) frchart.php, (13) flbchart.php, (14) fileman.php, (15) faq.php, (16) event.php, (17) directory.php, (18) articles.php, (19) artedit.php, (20) calday.php, and additional unspecified PHP scripts. NOTE: the utilit.php vector is already covered by CVE-2005-1964.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Cantico	Ovidentia

Configuration 1 [-]

cpe:2.3:a:cantico:ovidentia:5.8.0:*:*:*:*:*:*:*

References

Link	Resource
http://securityreason.com/securityalert/1033
http://www.osvdb.org/27209
http://www.osvdb.org/27211
http://www.osvdb.org/27212
http://www.osvdb.org/27213
http://www.osvdb.org/27214
http://www.osvdb.org/27215
http://www.osvdb.org/27216
http://www.osvdb.org/27217
http://www.osvdb.org/27218
http://www.osvdb.org/27219
http://www.osvdb.org/27220
http://www.osvdb.org/27221
http://www.osvdb.org/27222
http://www.osvdb.org/27223
http://www.osvdb.org/27224
http://www.osvdb.org/27225
http://www.osvdb.org/27226
http://www.osvdb.org/27227
http://www.osvdb.org/27228
http://www.osvdb.org/27229
http://www.securityfocus.com/archive/1/435590/100/0/threaded
http://www.securityfocus.com/archive/1/456893/100/200/threaded
http://www.securityfocus.com/archive/1/459572/100/0/threaded
http://www.securityfocus.com/bid/18232
https://exchange.xforce.ibmcloud.com/vulnerabilities/26981

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2006-06-05T17:00:00

Updated: 2018-10-18T14:57:01

Reserved: 2006-06-05T00:00:00

Link: CVE-2006-2811

JSON object: View

NVD Information

Status : Modified

Published: 2006-06-05T17:02:00.000

Modified: 2018-10-18T16:43:04.480

Link: CVE-2006-2811

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-05-31T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple PHP remote file inclusion vulnerabilities in Cantico Ovidentia 5.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the babInstallPath parameter in (1) index.php, (2) topman.php, (3) approb.php, (4) vacadmb.php, (5) vacadma.php, (6) vacadm.php, (7) statart.php, (8) search.php, (9) posts.php, (10) options.php, (11) login.php, (12) frchart.php, (13) flbchart.php, (14) fileman.php, (15) faq.php, (16) event.php, (17) directory.php, (18) articles.php, (19) artedit.php, (20) calday.php, and additional unspecified PHP scripts. NOTE: the utilit.php vector is already covered by CVE-2005-1964."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "27223", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27223"}, {"name": "ovidentia-multiple-scripts-file-include(26981)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26981"}, {"name": "27228", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27228"}, {"name": "27215", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27215"}, {"name": "27224", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27224"}, {"name": "27214", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27214"}, {"name": "1033", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/1033"}, {"name": "27216", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27216"}, {"name": "27212", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27212"}, {"name": "27222", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27222"}, {"name": "27221", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27221"}, {"name": "27226", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27226"}, {"name": "27220", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27220"}, {"name": "27225", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27225"}, {"name": "27211", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27211"}, {"name": "27229", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27229"}, {"name": "18232", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/18232"}, {"name": "20070114 Ovidentia 5.6x Series Remote File İnclude", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/456893/100/200/threaded"}, {"name": "27209", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27209"}, {"name": "27218", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27218"}, {"name": "27217", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27217"}, {"name": "27227", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27227"}, {"name": "27213", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27213"}, {"name": "20060531 multiple file inclusion exploits in ovidentia v5.8.0", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/435590/100/0/threaded"}, {"name": "27219", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27219"}, {"name": "20070209 Ovidentia Exploit Codeds", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/459572/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2811", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple PHP remote file inclusion vulnerabilities in Cantico Ovidentia 5.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the babInstallPath parameter in (1) index.php, (2) topman.php, (3) approb.php, (4) vacadmb.php, (5) vacadma.php, (6) vacadm.php, (7) statart.php, (8) search.php, (9) posts.php, (10) options.php, (11) login.php, (12) frchart.php, (13) flbchart.php, (14) fileman.php, (15) faq.php, (16) event.php, (17) directory.php, (18) articles.php, (19) artedit.php, (20) calday.php, and additional unspecified PHP scripts. NOTE: the utilit.php vector is already covered by CVE-2005-1964."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "27223", "refsource": "OSVDB", "url": "http://www.osvdb.org/27223"}, {"name": "ovidentia-multiple-scripts-file-include(26981)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26981"}, {"name": "27228", "refsource": "OSVDB", "url": "http://www.osvdb.org/27228"}, {"name": "27215", "refsource": "OSVDB", "url": "http://www.osvdb.org/27215"}, {"name": "27224", "refsource": "OSVDB", "url": "http://www.osvdb.org/27224"}, {"name": "27214", "refsource": "OSVDB", "url": "http://www.osvdb.org/27214"}, {"name": "1033", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/1033"}, {"name": "27216", "refsource": "OSVDB", "url": "http://www.osvdb.org/27216"}, {"name": "27212", "refsource": "OSVDB", "url": "http://www.osvdb.org/27212"}, {"name": "27222", "refsource": "OSVDB", "url": "http://www.osvdb.org/27222"}, {"name": "27221", "refsource": "OSVDB", "url": "http://www.osvdb.org/27221"}, {"name": "27226", "refsource": "OSVDB", "url": "http://www.osvdb.org/27226"}, {"name": "27220", "refsource": "OSVDB", "url": "http://www.osvdb.org/27220"}, {"name": "27225", "refsource": "OSVDB", "url": "http://www.osvdb.org/27225"}, {"name": "27211", "refsource": "OSVDB", "url": "http://www.osvdb.org/27211"}, {"name": "27229", "refsource": "OSVDB", "url": "http://www.osvdb.org/27229"}, {"name": "18232", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18232"}, {"name": "20070114 Ovidentia 5.6x Series Remote File İnclude", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/456893/100/200/threaded"}, {"name": "27209", "refsource": "OSVDB", "url": "http://www.osvdb.org/27209"}, {"name": "27218", "refsource": "OSVDB", "url": "http://www.osvdb.org/27218"}, {"name": "27217", "refsource": "OSVDB", "url": "http://www.osvdb.org/27217"}, {"name": "27227", "refsource": "OSVDB", "url": "http://www.osvdb.org/27227"}, {"name": "27213", "refsource": "OSVDB", "url": "http://www.osvdb.org/27213"}, {"name": "20060531 multiple file inclusion exploits in ovidentia v5.8.0", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/435590/100/0/threaded"}, {"name": "27219", "refsource": "OSVDB", "url": "http://www.osvdb.org/27219"}, {"name": "20070209 Ovidentia Exploit Codeds", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/459572/100/0/threaded"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2811", "datePublished": "2006-06-05T17:00:00", "dateReserved": "2006-06-05T00:00:00", "dateUpdated": "2018-10-18T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cantico:ovidentia:5.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "06CC9901-6F06-4D6B-9456-888F937FC7D3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple PHP remote file inclusion vulnerabilities in Cantico Ovidentia 5.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the babInstallPath parameter in (1) index.php, (2) topman.php, (3) approb.php, (4) vacadmb.php, (5) vacadma.php, (6) vacadm.php, (7) statart.php, (8) search.php, (9) posts.php, (10) options.php, (11) login.php, (12) frchart.php, (13) flbchart.php, (14) fileman.php, (15) faq.php, (16) event.php, (17) directory.php, (18) articles.php, (19) artedit.php, (20) calday.php, and additional unspecified PHP scripts. NOTE: the utilit.php vector is already covered by CVE-2005-1964."}], "id": "CVE-2006-2811", "lastModified": "2018-10-18T16:43:04.480", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-06-05T17:02:00.000", "references": [{"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/1033"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27209"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27211"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27212"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27213"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27214"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27215"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27216"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27217"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27218"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27219"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27220"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27221"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27222"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27223"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27224"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27225"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27226"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27227"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27228"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27229"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/435590/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/456893/100/200/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/459572/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/18232"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26981"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}