CVE-2006-5509

Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/22442
http://securityreason.com/securityalert/1774
http://www.security.nnov.ru/Odocument711.html
http://www.securityfocus.com/archive/1/448796/100/100/threaded
http://www.securityfocus.com/bid/20563
http://www.vupen.com/english/advisories/2006/4062
https://exchange.xforce.ibmcloud.com/vulnerabilities/29599

Configurations

Configuration 1 (hide)

cpe:2.3:a:woltlab:burning_book:1.1.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-10-25 22:07

Updated : 2023-12-10 10:40

NVD link : CVE-2006-5509

Mitre link : CVE-2006-5509

CVE.ORG link : CVE-2006-5509

JSON object : View

Products Affected

woltlab

burning_book

CWE

NVD-CWE-Other

{"id": "CVE-2006-5509", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-10-25T22:07:00.000", "references": [{"url": "http://secunia.com/advisories/22442", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/1774", "source": "cve@mitre.org"}, {"url": "http://www.security.nnov.ru/Odocument711.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/448796/100/100/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/20563", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/4062", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29599", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter."}, {"lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n de Eval en el archivo addentry.php de WoltLab Burning Book 1.1.2 permite a atacantes remotos la ejecuci\u00f3n de c\u00f3digo PHP de su elecci\u00f3n mediante peticiones POST manipuladas que almacenan c\u00f3digo PHP en la Base de Datos que son luego procesados por el \"eval\", como el demostrado usando inyecciones de SQL a trav\u00e9s del par\u00e1metros n."}], "lastModified": "2018-10-17T21:43:38.767", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:woltlab:burning_book:1.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B919D8D-D6E9-4171-9D59-8CA72EA78210"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}