Vulnerability Details CVE-2006-5148
Multiple PHP remote file inclusion vulnerabilities in Forum82 2.5.2b and earlier allow remote attackers to execute arbitrary PHP code via a URL in the repertorylevel parameter including scripts in /forum/ including (1) search.php, (2) message.php, (3) member.php, (4) mail.php, (5) lostpassword.php, (6) gesfil.php, (7) forum82lib.php3, and other unspecified scripts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.108
EPSS Ranking 93.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/22214
- http://www.securityfocus.com/bid/20291
- http://www.vupen.com/english/advisories/2006/3865
- https://www.exploit-db.com/exploits/2459
- http://secunia.com/advisories/22214
- http://www.securityfocus.com/bid/20291
- http://www.vupen.com/english/advisories/2006/3865
- https://www.exploit-db.com/exploits/2459