Vulnerabilities > CVE-2006-4738 - Remote Security vulnerability in Jetbox CMS 2.1Sr1

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
jetbox

Summary

PHP remote file inclusion vulnerability in phpthumb.php in Jetbox CMS allows remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter. NOTE: The relative_script_path vector is already covered by CVE-2006-2270.

Vulnerable Configurations

Part Description Count
Application
Jetbox
1