ID CVE-2006-1793
Summary Directory traversal vulnerability in runCMS 1.2 and earlier allows remote attackers to read arbitrary files via the bbPath[path] parameter to (1) class.forumposts.php and (2) forumpollrenderer.php. NOTE: this issue is closely related to CVE-2006-0659. Successful exploitation requires that register_globals = On and allow_url_fopen = On.
References
Vulnerable Configurations
  • cpe:2.3:a:runcms:runcms:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:runcms:runcms:1.1a:*:*:*:*:*:*:*
  • cpe:2.3:a:runcms:runcms:*:*:*:*:*:*:*:*
CVSS
Base: 7.6 (as of 05-09-2008 - 21:02)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
Vector: NETWORK
Complexity: HIGH
Authentication: NONE
Impact
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
cvss-vector via4 AV:N/AC:H/Au:N/C:C/I:C/A:C
refmap via4
bid 16578
bugtraq 20060209 runCMS <= 1.3a2 possible remote code execution through the integrated FCKEditor package
misc http://retrogod.altervista.org/runcms_13a_xpl.html
Last major update 05-09-2008 - 21:02
Published 17-04-2006 - 10:02
Last modified 05-09-2008 - 21:02