Vulnerabilities > CVE-2006-4738 - Remote Security vulnerability in Jetbox CMS 2.1Sr1

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
jetbox
NVD
Published: 2006-09-13
Updated: 2018-10-17

Summary

PHP remote file inclusion vulnerability in phpthumb.php in Jetbox CMS allows remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter. NOTE: The relative_script_path vector is already covered by CVE-2006-2270.

Vulnerable Configurations

Part Description Count
Application
Jetbox
1

References