Vulnerabilities > CVE-2006-4451 - Unspecified vulnerability in CJ Design CJ TAG Board 3.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Direct static code injection vulnerability in CJ Tag Board 3.0 allows remote attackers to execute arbitrary PHP code via the (1) User-Agent HTTP header in tag.php, which is executed by all.php, and (2) the banned parameter in admin_index.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |