mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
212 lines
7.2 KiB
JSON
212 lines
7.2 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2006-5220",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Multiple PHP remote file inclusion vulnerabilities in WebYep 1.1.9, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via the webyep_sIncludePath in (1) files in the programm/lib/ directory including (a) WYApplication.php, (b) WYDocument.php, (c) WYEditor.php, (d) WYElement.php, (e) WYFile.php, (f) WYHTMLTag.php, (g) WYImage.php, (h) WYLanguage.php, (i) WYLink.php, (j) WYPath.php, (k) WYPopupWindowLink.php, (l) WYSelectMenu.php, and (m) WYTextArea.php; (2) files in the programm/elements/ directory including (n) WYGalleryElement.php, (o) WYGuestbookElement.php, (p) WYImageElement.php, (q) WYLogonButtonElement.php, (r) WYLongTextElement.php, (s) WYLoopElement.php, (t) WYMenuElement.php, and (u) WYShortTextElement.php; and (3) programm/webyep.php."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "1702",
|
|
"refsource": "SREASON",
|
|
"url": "http://securityreason.com/securityalert/1702"
|
|
},
|
|
{
|
|
"name": "2496",
|
|
"refsource": "EXPLOIT-DB",
|
|
"url": "https://www.exploit-db.com/exploits/2496"
|
|
},
|
|
{
|
|
"name": "29654",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29654"
|
|
},
|
|
{
|
|
"name": "29648",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29648"
|
|
},
|
|
{
|
|
"name": "29660",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29660"
|
|
},
|
|
{
|
|
"name": "http://advisories.echo.or.id/adv/adv48-theday-2006.txt",
|
|
"refsource": "MISC",
|
|
"url": "http://advisories.echo.or.id/adv/adv48-theday-2006.txt"
|
|
},
|
|
{
|
|
"name": "29645",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29645"
|
|
},
|
|
{
|
|
"name": "20406",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/20406"
|
|
},
|
|
{
|
|
"name": "29644",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29644"
|
|
},
|
|
{
|
|
"name": "20061009 [ECHO_ADV_48$2006] WebYep <= 1.1.9 (webyep_sIncludePath) Multiple Remote File Inclusion Vulnerability",
|
|
"refsource": "BUGTRAQ",
|
|
"url": "http://www.securityfocus.com/archive/1/448009/100/0/threaded"
|
|
},
|
|
{
|
|
"name": "29649",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29649"
|
|
},
|
|
{
|
|
"name": "29656",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29656"
|
|
},
|
|
{
|
|
"name": "29659",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29659"
|
|
},
|
|
{
|
|
"name": "ADV-2006-3972",
|
|
"refsource": "VUPEN",
|
|
"url": "http://www.vupen.com/english/advisories/2006/3972"
|
|
},
|
|
{
|
|
"name": "29652",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29652"
|
|
},
|
|
{
|
|
"name": "29650",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29650"
|
|
},
|
|
{
|
|
"name": "webyep-webyep-file-include(29397)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29397"
|
|
},
|
|
{
|
|
"name": "22336",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/22336"
|
|
},
|
|
{
|
|
"name": "http://www.obdev.at/products/webyep/release-notes.html",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www.obdev.at/products/webyep/release-notes.html"
|
|
},
|
|
{
|
|
"name": "29658",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29658"
|
|
},
|
|
{
|
|
"name": "1017023",
|
|
"refsource": "SECTRACK",
|
|
"url": "http://securitytracker.com/id?1017023"
|
|
},
|
|
{
|
|
"name": "29653",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29653"
|
|
},
|
|
{
|
|
"name": "29657",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29657"
|
|
},
|
|
{
|
|
"name": "29662",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29662"
|
|
},
|
|
{
|
|
"name": "29663",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29663"
|
|
},
|
|
{
|
|
"name": "29661",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29661"
|
|
},
|
|
{
|
|
"name": "29647",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29647"
|
|
},
|
|
{
|
|
"name": "29646",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29646"
|
|
},
|
|
{
|
|
"name": "29643",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29643"
|
|
},
|
|
{
|
|
"name": "29651",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29651"
|
|
},
|
|
{
|
|
"name": "29655",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/29655"
|
|
}
|
|
]
|
|
}
|
|
} |