Published: 01/08/2006 Updated: 18/10/2016

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allows remote malicious users to execute arbitrary PHP code via a URL in the cfg_root parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
banex banex 2.21

Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to the bypass of security restrictions or denial of service The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-1931 It was discovered that the use of blocking sockets can lead to denial of service ...

source: wwwsecurityfocuscom/bid/19240/info PHP MySQL Banner Exchange is prone to multiple SQL-injection vulnerabilities and a remote file-include vulnerability because it fails to properly sanitize user-supplied input An attacker can exploit the SQL-injection vulnerabilities to compromise the application, access or modify data, or ...

NVD-CWE-Other http://www.securityfocus.com/bid/19240 http://marc.info/?l=full-disclosure&m=115423462216111&w=2 https://nvd.nist.gov https://www.debian.org/security/./dsa-1157 https://www.exploit-db.com/exploits/28308/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-3964

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect