CVE-2006-0810 - Unspecified vulnerability in config.php in Skate Board 0.9 allows remote authenticated administrator

CVE-2006-0810

Summary

Unspecified vulnerability in config.php in Skate Board 0.9 allows remote authenticated administrators to execute arbitrary PHP code by causing certain variables in config.php to be modified, possibly due to XSS or direct static code injection.

References

http://evuln.com/vulns/84/summary.html
http://secunia.com/advisories/18978
http://securityreason.com/securityalert/540
http://www.osvdb.org/23304
http://www.securityfocus.com/archive/1/426658/30/0/threaded
http://www.securityfocus.com/bid/16936
https://exchange.xforce.ibmcloud.com/vulnerabilities/24780

Vulnerable Configurations

cpe:2.3:a:skate_board:skate_board:0.9:*:*:*:*:*:*:*
cpe:2.3:a:skate_board:skate_board:0.9:*:*:*:*:*:*:*

CVSS

Base:	3.5 (as of 20-07-2017 - 01:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	SINGLE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:M/Au:S/C:N/I:P/A:N

refmap via4

bid	16936
bugtraq	20060303 [eVuln] Skate Board Multimple Vulnerabilities
misc	http://evuln.com/vulns/84/summary.html
osvdb	23304
secunia	18978
sreason	540
xf	skateboard-config-file-include(24780)

Last major update

20-07-2017 - 01:30

Published

21-02-2006 - 02:02

Last modified

20-07-2017 - 01:30