Vulnerabilities > CVE-2006-4055 - Unspecified vulnerability in Tsep

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
tsep
exploit available
NVD
Published: 2006-08-10
Updated: 2024-11-21

Summary

Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project (TSEP) 0.942 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter to (1) include/colorswitch.php, (2) contentimages.class.php, (3) ipfunctions.php, (4) configfunctions.php, (5) printpagedetails.php, or (6) log.class.php. NOTE: the copyright.php vector is already covered by CVE-2006-3993.

Vulnerable Configurations

Part Description Count
Application
Tsep
1

Exploit-Db

  • descriptionTSEP <= 0.942 (copyright.php) Remote Inclusion Vulnerability. CVE-2006-3993,CVE-2006-4055,CVE-2006-4085. Webapps exploit for php platform
    fileexploits/php/webapps/2098.txt
    idEDB-ID:2098
    last seen2016-01-31
    modified2006-08-01
    platformphp
    port
    published2006-08-01
    reporterPhilipp Niedziela
    sourcehttps://www.exploit-db.com/download/2098/
    titleTSEP <= 0.942 copyright.php Remote Inclusion Vulnerability
    typewebapps
  • descriptionTSEP <= 0.942 (colorswitch.php) Remote Inclusion Vulnerability. CVE-2006-4055. Webapps exploit for php platform
    fileexploits/php/webapps/2116.txt
    idEDB-ID:2116
    last seen2016-01-31
    modified2006-08-02
    platformphp
    port
    published2006-08-02
    reporterbeford
    sourcehttps://www.exploit-db.com/download/2116/
    titleTSEP <= 0.942 colorswitch.php Remote Inclusion Vulnerability
    typewebapps

References