Vulnerabilities > CVE-2006-5533 - Remote Security vulnerability in AROUNDMe

CVSS 5.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

high complexity

aroundme

NVD

Published: 2006-10-26

Updated: 2018-10-17

Summary

Multiple PHP remote file inclusion vulnerabilities in AROUNDMe 0.6.9, and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the templatePath parameter in template/barnraiser_01/pol_view.tpl.php and other unspecified PHP scripts, a different vector than CVE-2006-5401.

Vulnerable Configurations

Part	Description	Count
Application	Aroundme Aroundme Aroundme *	1

References

http://marc.info/?l=full-disclosure&m=116154841209515&w=2
http://securityreason.com/securityalert/1786
http://securitytracker.com/id?1017106
http://www.securityfocus.com/archive/1/449476/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/29743