CVE-2006-2121 - PHP remote file include vulnerability in admin/config_settings.tpl.php in I-RATER Platinum allows re

CVE-2006-2121

Summary

PHP remote file include vulnerability in admin/config_settings.tpl.php in I-RATER Platinum allows remote attackers to execute arbitrary code via a URL in the include_path parameter. NOTE: this is a different vector, and possibly a different vulnerability, than CVE-2006-1929.

References

Vulnerable Configurations

cpe:2.3:a:i-rater:i-rater_platinum:*:*:*:*:*:*:*:*
cpe:2.3:a:i-rater:i-rater_platinum:*:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 18-10-2018 - 16:38)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:P/A:N

refmap via4

bid	17731
bugtraq	20060428 [Kurdish Secure Advisory #1] I-RATER Platinum "Admin/configsettings.tpl.php" Remote File Include Vulnerability 20060429 I-RATER Platinum Remote File Inclusion exploit Cod3d by R@1D3N
sreason	824
xf	irater-configsettingtpl-file-include(26203)

Last major update

18-10-2018 - 16:38

Published

01-05-2006 - 22:06

Last modified

18-10-2018 - 16:38