CVE Vulnerabilities

CVE-2006-5105

Published: Oct 03, 2006 | Modified: Jul 20, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Multiple PHP remote file inclusion vulnerabilities in SyntaxCMS 1.1.1 through 1.3 allow remote attackers to execute arbitrary PHP code via a URL in (1) the init_path parameter to admin/testing/tests/0030_init_syntax.php, or (2) an unspecified parameter to admin/testing/index.php. NOTE: the 0004_init_urls.php vector is already covered by CVE-2006-5055.

Affected Software

Name Vendor Start Version End Version
Syntaxcms Forum_one 1.1.1 (including) 1.1.1 (including)
Syntaxcms Forum_one 1.2.1 (including) 1.2.1 (including)
Syntaxcms Forum_one 1.3 (including) 1.3 (including)

References