Vulnerability Details : CVE-2006-5845
Unrestricted file upload vulnerability in index.php in Speedywiki 2.0 allows remote authenticated users to upload and execute arbitrary PHP code by setting the upload parameter to 1.
Exploit prediction scoring system (EPSS) score for CVE-2006-5845
Probability of exploitation activity in the next 30 days: 0.48%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 75 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2006-5845
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST |
CWE ids for CVE-2006-5845
-
The product allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.Assigned by: nvd@nist.gov (Primary)
References for CVE-2006-5845
-
http://www.vupen.com/english/advisories/2006/4421
Not Applicable
-
http://securitytracker.com/id?1017201
Third Party Advisory;VDB Entry
-
http://marc.info/?l=bugtraq&m=116302805802656&w=2
Mailing List
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/30131
-
http://s-a-p.ca/index.php?page=OurAdvisories&id=9
Broken Link
Products affected by CVE-2006-5845
- cpe:2.3:a:speedywiki:speedywiki:2.0:*:*:*:*:*:*:*