CVE-2006-5777

NONECVSS 0.0

0.0

Creasito E-Commerce Content Manager 1.3.08 allows remote attackers to bypass authentication and perform privileged functions via a non-empty finame parameter to (1) addnewcont.php, (2) adminpassw.php, (3) amministrazione.php, (4) artins.php, (5) bgcolor.php, (6) cancartcat.php, (7) canccat.php, (8) cancelart.php, (9) cancontsit.php, (10) chanpassamm.php, (11) dele.php, (12) delecat.php, (13) delecont.php, (14) emailall.php, (15) gestflashtempl.php, (16) gestmagart.php, (17) gestmagaz.php, (18) gestpre.php, (19) input.php, (20) input3.php, (21) insnucat.php, (22) instempflash.php, (23) mailfc.php, (24) modfdati.php, (25) rescont4.php, (26) ricordo1.php, (27) ricordo4.php, (28) tabcatalg.php, (29) tabcont.php, (30) tabcont3.php, (31) tabstile.php, (32) tabstile3.php, (33) testimmg.php, and (34) update.php in admin/. NOTE: some of these details are obtained from third party information.

🔗 References (6)

cve@mitrehttp://secunia.com/advisories/22729
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/30011
cve@mitrehttps://www.exploit-db.com/exploits/2709
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22729
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/30011
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/2709

Is Your Infrastructure Affected by CVE-2006-5777?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2006-5777

📅 Published

🔄 Last Modified

🔗 References (6)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2006-5777?