CVE-2006-2811

Multiple PHP remote file inclusion vulnerabilities in Cantico Ovidentia 5.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the babInstallPath parameter in (1) index.php, (2) topman.php, (3) approb.php, (4) vacadmb.php, (5) vacadma.php, (6) vacadm.php, (7) statart.php, (8) search.php, (9) posts.php, (10) options.php, (11) login.php, (12) frchart.php, (13) flbchart.php, (14) fileman.php, (15) faq.php, (16) event.php, (17) directory.php, (18) articles.php, (19) artedit.php, (20) calday.php, and additional unspecified PHP scripts. NOTE: the utilit.php vector is already covered by CVE-2005-1964.

Published: Jun 5, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-2811
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cantico / ovidentia	5.8.0	5.8.0.x

http://securityreason.com/securityalert/1033
http://www.osvdb.org/27209
http://www.osvdb.org/27211
http://www.osvdb.org/27212
http://www.osvdb.org/27213
http://www.osvdb.org/27214
http://www.osvdb.org/27215
http://www.osvdb.org/27216
http://www.osvdb.org/27217
http://www.osvdb.org/27218
http://www.osvdb.org/27219
http://www.osvdb.org/27220
http://www.osvdb.org/27221
http://www.osvdb.org/27222
http://www.osvdb.org/27223
http://www.osvdb.org/27224
http://www.osvdb.org/27225
http://www.osvdb.org/27226
http://www.osvdb.org/27227
http://www.osvdb.org/27228
http://www.osvdb.org/27229
http://www.securityfocus.com/archive/1/435590/100/0/threaded
http://www.securityfocus.com/archive/1/456893/100/200/threaded
http://www.securityfocus.com/archive/1/459572/100/0/threaded
http://www.securityfocus.com/bid/18232
https://exchange.xforce.ibmcloud.com/vulnerabilities/26981

Vulnerability Database

291,049

CVE-2006-2811