CVE-2006-3531

NONECVSS 0.0

0.0

includes/editor/insert_image.php in Pivot 1.30 RC2 and earlier creates the authentication credentials from parameters, which allows remote attackers to obtain privileges and upload arbitrary files via modified (1) pass and (2) session parameters, and (3) pass and (4) userlevel indices of the (a) Pivot_Vars[] or (b) Users[] array parameters.

🔗 References (16)

cve@mitrehttp://retrogod.altervista.org/pivot_130RC2_xpl.html
cve@mitrehttp://secunia.com/advisories/20962
cve@mitrehttp://securityreason.com/securityalert/1214
cve@mitrehttp://www.osvdb.org/27126
cve@mitrehttp://www.securityfocus.com/archive/1/439495/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/18881
cve@mitrehttp://www.vupen.com/english/advisories/2006/2744
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/27671
af854a3a-2127-422b-91ae-364da2661108http://retrogod.altervista.org/pivot_130RC2_xpl.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20962
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/1214
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/27126
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/439495/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/18881
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/2744

Is Your Infrastructure Affected by CVE-2006-3531?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2006-3531

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2006-3531?