Vulnerabilities > CVE-2006-5678

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

j-pierre-dezelus

phpmyconferences

NVD

Published: 2006-11-03

Updated: 2024-04-11

Summary

PHP remote file inclusion vulnerability in common/visiteurs/include/library.inc.php in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the lvc_modules_dir parameter. NOTE: CVE disputes this vulnerability, because the inclusion occurs in a function that is not called during a direct request to library.inc.php

Vulnerable Configurations

Part	Description	Count
Application	J-Pierre_Dezelus J Pierre Dezelus LES Visiteurs 2.0.1	1
Application	Phpmyconferences Phpmyconferences Phpmyconferences 8.0.2	1

References

http://www.attrition.org/pipermail/vim/2006-November/001105.html
http://securityreason.com/securityalert/1810
https://exchange.xforce.ibmcloud.com/vulnerabilities/29919
http://www.securityfocus.com/archive/1/450467/100/0/threaded
http://www.securityfocus.com/archive/1/450140/100/0/threaded

Vulnerabilities > CVE-2006-5678 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2006-5678"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2006-5678