Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
12 vulnerabilities by integramod
CVE-2008-4183 (GCVE-0-2008-4183)
Vulnerability from nvd – Published: 2008-09-23 15:00 – Updated: 2024-08-07 10:08
VLAI
Summary
IntegraMOD 1.4.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup via a direct request to a backup/backup-yyyy-dd-mm.sql filename.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.integramod.com/forum/viewtopic.php?f=3… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/31149 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/4300 | third-party-advisoryx_refsource_SREASON |
| https://www.exploit-db.com/exploits/6390 | exploitx_refsource_EXPLOIT-DB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/31749 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2008-09-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:08:34.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.integramod.com/forum/viewtopic.php?f=3\u0026t=5089"
},
{
"name": "31149",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31149"
},
{
"name": "4300",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4300"
},
{
"name": "6390",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6390"
},
{
"name": "integramod-backup-info-disclosure(45096)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45096"
},
{
"name": "31749",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31749"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IntegraMOD 1.4.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup via a direct request to a backup/backup-yyyy-dd-mm.sql filename."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.integramod.com/forum/viewtopic.php?f=3\u0026t=5089"
},
{
"name": "31149",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31149"
},
{
"name": "4300",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4300"
},
{
"name": "6390",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6390"
},
{
"name": "integramod-backup-info-disclosure(45096)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45096"
},
{
"name": "31749",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31749"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IntegraMOD 1.4.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup via a direct request to a backup/backup-yyyy-dd-mm.sql filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.integramod.com/forum/viewtopic.php?f=3\u0026t=5089",
"refsource": "CONFIRM",
"url": "http://www.integramod.com/forum/viewtopic.php?f=3\u0026t=5089"
},
{
"name": "31149",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31149"
},
{
"name": "4300",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4300"
},
{
"name": "6390",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6390"
},
{
"name": "integramod-backup-info-disclosure(45096)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45096"
},
{
"name": "31749",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31749"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4183",
"datePublished": "2008-09-23T15:00:00.000Z",
"dateReserved": "2008-09-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:08:34.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5140 (GCVE-0-2007-5140)
Vulnerability from nvd – Published: 2007-09-28 21:00 – Updated: 2024-08-07 15:24
VLAI
Summary
PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in IntegraMOD Nederland 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2007/3307 | vdb-entryx_refsource_VUPEN |
| https://www.exploit-db.com/exploits/4463 | exploitx_refsource_EXPLOIT-DB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/25832 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/26991 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2007-09-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:41.720Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-3307",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3307"
},
{
"name": "4463",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4463"
},
{
"name": "integramod-archivetopic-file-include(36832)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36832"
},
{
"name": "25832",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25832"
},
{
"name": "26991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26991"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in IntegraMOD Nederland 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-3307",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3307"
},
{
"name": "4463",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4463"
},
{
"name": "integramod-archivetopic-file-include(36832)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36832"
},
{
"name": "25832",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25832"
},
{
"name": "26991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26991"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5140",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in IntegraMOD Nederland 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-3307",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3307"
},
{
"name": "4463",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4463"
},
{
"name": "integramod-archivetopic-file-include(36832)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36832"
},
{
"name": "25832",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25832"
},
{
"name": "26991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26991"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5140",
"datePublished": "2007-09-28T21:00:00.000Z",
"dateReserved": "2007-09-28T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:24:41.720Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4368 (GCVE-0-2006-4368)
Vulnerability from nvd – Published: 2006-08-26 01:00 – Updated: 2024-08-07 19:06
VLAI
Summary
PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/444207/100… | mailing-listx_refsource_BUGTRAQ |
| https://www.exploit-db.com/exploits/2250 | exploitx_refsource_EXPLOIT-DB |
| http://www.nukedx.com/?viewdoc=47 | x_refsource_MISC |
| http://www.securityfocus.com/bid/19689 | vdb-entryx_refsource_BID |
| http://marc.info/?l=full-disclosure&m=11564105241… | mailing-listx_refsource_FULLDISC |
Date Public
2006-08-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "integramod-includes-file-inclusion(28547)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28547"
},
{
"name": "20060824 Advisory: Integramod Portal \u003c= 2.x File Inclusion Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444207/100/0/threaded"
},
{
"name": "2250",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2250"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nukedx.com/?viewdoc=47"
},
{
"name": "19689",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19689"
},
{
"name": "20060824 Integramod Portal \u003c= 2.x File Inclusion",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115641052418714\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "integramod-includes-file-inclusion(28547)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28547"
},
{
"name": "20060824 Advisory: Integramod Portal \u003c= 2.x File Inclusion Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444207/100/0/threaded"
},
{
"name": "2250",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2250"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nukedx.com/?viewdoc=47"
},
{
"name": "19689",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19689"
},
{
"name": "20060824 Integramod Portal \u003c= 2.x File Inclusion",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115641052418714\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4368",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "integramod-includes-file-inclusion(28547)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28547"
},
{
"name": "20060824 Advisory: Integramod Portal \u003c= 2.x File Inclusion Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444207/100/0/threaded"
},
{
"name": "2250",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2250"
},
{
"name": "http://www.nukedx.com/?viewdoc=47",
"refsource": "MISC",
"url": "http://www.nukedx.com/?viewdoc=47"
},
{
"name": "19689",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19689"
},
{
"name": "20060824 Integramod Portal \u003c= 2.x File Inclusion",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=115641052418714\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4368",
"datePublished": "2006-08-26T01:00:00.000Z",
"dateReserved": "2006-08-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:06:07.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4369 (GCVE-0-2006-4369)
Vulnerability from nvd – Published: 2006-08-26 01:00 – Updated: 2024-08-07 19:06
VLAI
Summary
Absolute path traversal vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via an absolute pathname in the phpbb_root_path parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/444207/100… | mailing-listx_refsource_BUGTRAQ |
| https://www.exploit-db.com/exploits/2250 | exploitx_refsource_EXPLOIT-DB |
| http://www.nukedx.com/?viewdoc=47 | x_refsource_MISC |
| http://www.securityfocus.com/bid/19689 | vdb-entryx_refsource_BID |
| http://marc.info/?l=full-disclosure&m=11564105241… | mailing-listx_refsource_FULLDISC |
Date Public
2006-08-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "integramod-includes-file-inclusion(28547)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28547"
},
{
"name": "20060824 Advisory: Integramod Portal \u003c= 2.x File Inclusion Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444207/100/0/threaded"
},
{
"name": "2250",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2250"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nukedx.com/?viewdoc=47"
},
{
"name": "19689",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19689"
},
{
"name": "20060824 Integramod Portal \u003c= 2.x File Inclusion",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115641052418714\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Absolute path traversal vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via an absolute pathname in the phpbb_root_path parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "integramod-includes-file-inclusion(28547)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28547"
},
{
"name": "20060824 Advisory: Integramod Portal \u003c= 2.x File Inclusion Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444207/100/0/threaded"
},
{
"name": "2250",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2250"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nukedx.com/?viewdoc=47"
},
{
"name": "19689",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19689"
},
{
"name": "20060824 Integramod Portal \u003c= 2.x File Inclusion",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115641052418714\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4369",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Absolute path traversal vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via an absolute pathname in the phpbb_root_path parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "integramod-includes-file-inclusion(28547)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28547"
},
{
"name": "20060824 Advisory: Integramod Portal \u003c= 2.x File Inclusion Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444207/100/0/threaded"
},
{
"name": "2250",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2250"
},
{
"name": "http://www.nukedx.com/?viewdoc=47",
"refsource": "MISC",
"url": "http://www.nukedx.com/?viewdoc=47"
},
{
"name": "19689",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19689"
},
{
"name": "20060824 Integramod Portal \u003c= 2.x File Inclusion",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=115641052418714\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4369",
"datePublished": "2006-08-26T01:00:00.000Z",
"dateReserved": "2006-08-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:06:07.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2984 (GCVE-0-2006-2984)
Vulnerability from nvd – Published: 2006-06-13 01:00 – Updated: 2024-08-07 18:16
VLAI
Summary
Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the STYLE_URL parameter. NOTE: it is possible that this issue is resultant from SQL injection.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/436457/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/1085 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/20528 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/2236 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/18464 | vdb-entryx_refsource_BID |
Date Public
2006-06-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:16:04.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060606 \u0027Multiple Sql injection and XSS in integramod portal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/436457/100/0/threaded"
},
{
"name": "1085",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1085"
},
{
"name": "20528",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20528"
},
{
"name": "ADV-2006-2236",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2236"
},
{
"name": "integramod-index-xss(27092)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27092"
},
{
"name": "18464",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18464"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the STYLE_URL parameter. NOTE: it is possible that this issue is resultant from SQL injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060606 \u0027Multiple Sql injection and XSS in integramod portal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/436457/100/0/threaded"
},
{
"name": "1085",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1085"
},
{
"name": "20528",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20528"
},
{
"name": "ADV-2006-2236",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2236"
},
{
"name": "integramod-index-xss(27092)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27092"
},
{
"name": "18464",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18464"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the STYLE_URL parameter. NOTE: it is possible that this issue is resultant from SQL injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060606 \u0027Multiple Sql injection and XSS in integramod portal",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/436457/100/0/threaded"
},
{
"name": "1085",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1085"
},
{
"name": "20528",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20528"
},
{
"name": "ADV-2006-2236",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2236"
},
{
"name": "integramod-index-xss(27092)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27092"
},
{
"name": "18464",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18464"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2984",
"datePublished": "2006-06-13T01:00:00.000Z",
"dateReserved": "2006-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:16:04.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2985 (GCVE-0-2006-2985)
Vulnerability from nvd – Published: 2006-06-13 01:00 – Updated: 2024-08-07 18:16
VLAI
Summary
SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via double-encoded "'" characters in the STYLE_URL parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.attrition.org/pipermail/vim/2006-June/… | mailing-listx_refsource_VIM |
| http://www.securityfocus.com/archive/1/436457/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/1085 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-06-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:16:04.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060612 verified SQL injection in IntegraMOD 1.4.0 (source inspection)",
"tags": [
"mailing-list",
"x_refsource_VIM",
"x_transferred"
],
"url": "http://www.attrition.org/pipermail/vim/2006-June/000847.html"
},
{
"name": "20060606 \u0027Multiple Sql injection and XSS in integramod portal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/436457/100/0/threaded"
},
{
"name": "1085",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1085"
},
{
"name": "integramod-index-sql-injection(27097)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27097"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via double-encoded \"\u0027\" characters in the STYLE_URL parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060612 verified SQL injection in IntegraMOD 1.4.0 (source inspection)",
"tags": [
"mailing-list",
"x_refsource_VIM"
],
"url": "http://www.attrition.org/pipermail/vim/2006-June/000847.html"
},
{
"name": "20060606 \u0027Multiple Sql injection and XSS in integramod portal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/436457/100/0/threaded"
},
{
"name": "1085",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1085"
},
{
"name": "integramod-index-sql-injection(27097)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27097"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2985",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via double-encoded \"\u0027\" characters in the STYLE_URL parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060612 verified SQL injection in IntegraMOD 1.4.0 (source inspection)",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2006-June/000847.html"
},
{
"name": "20060606 \u0027Multiple Sql injection and XSS in integramod portal",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/436457/100/0/threaded"
},
{
"name": "1085",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1085"
},
{
"name": "integramod-index-sql-injection(27097)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27097"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2985",
"datePublished": "2006-06-13T01:00:00.000Z",
"dateReserved": "2006-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:16:04.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4183 (GCVE-0-2008-4183)
Vulnerability from cvelistv5 – Published: 2008-09-23 15:00 – Updated: 2024-08-07 10:08
VLAI
Summary
IntegraMOD 1.4.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup via a direct request to a backup/backup-yyyy-dd-mm.sql filename.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.integramod.com/forum/viewtopic.php?f=3… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/31149 | vdb-entryx_refsource_BID |
| http://securityreason.com/securityalert/4300 | third-party-advisoryx_refsource_SREASON |
| https://www.exploit-db.com/exploits/6390 | exploitx_refsource_EXPLOIT-DB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/31749 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2008-09-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:08:34.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.integramod.com/forum/viewtopic.php?f=3\u0026t=5089"
},
{
"name": "31149",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31149"
},
{
"name": "4300",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4300"
},
{
"name": "6390",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6390"
},
{
"name": "integramod-backup-info-disclosure(45096)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45096"
},
{
"name": "31749",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31749"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IntegraMOD 1.4.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup via a direct request to a backup/backup-yyyy-dd-mm.sql filename."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.integramod.com/forum/viewtopic.php?f=3\u0026t=5089"
},
{
"name": "31149",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31149"
},
{
"name": "4300",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4300"
},
{
"name": "6390",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6390"
},
{
"name": "integramod-backup-info-disclosure(45096)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45096"
},
{
"name": "31749",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31749"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IntegraMOD 1.4.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup via a direct request to a backup/backup-yyyy-dd-mm.sql filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.integramod.com/forum/viewtopic.php?f=3\u0026t=5089",
"refsource": "CONFIRM",
"url": "http://www.integramod.com/forum/viewtopic.php?f=3\u0026t=5089"
},
{
"name": "31149",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31149"
},
{
"name": "4300",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4300"
},
{
"name": "6390",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6390"
},
{
"name": "integramod-backup-info-disclosure(45096)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45096"
},
{
"name": "31749",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31749"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4183",
"datePublished": "2008-09-23T15:00:00.000Z",
"dateReserved": "2008-09-23T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:08:34.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5140 (GCVE-0-2007-5140)
Vulnerability from cvelistv5 – Published: 2007-09-28 21:00 – Updated: 2024-08-07 15:24
VLAI
Summary
PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in IntegraMOD Nederland 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2007/3307 | vdb-entryx_refsource_VUPEN |
| https://www.exploit-db.com/exploits/4463 | exploitx_refsource_EXPLOIT-DB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/25832 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/26991 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2007-09-27 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:41.720Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-3307",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3307"
},
{
"name": "4463",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4463"
},
{
"name": "integramod-archivetopic-file-include(36832)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36832"
},
{
"name": "25832",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25832"
},
{
"name": "26991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26991"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in IntegraMOD Nederland 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-3307",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3307"
},
{
"name": "4463",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4463"
},
{
"name": "integramod-archivetopic-file-include(36832)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36832"
},
{
"name": "25832",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25832"
},
{
"name": "26991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26991"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5140",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in includes/archive/archive_topic.php in IntegraMOD Nederland 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-3307",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3307"
},
{
"name": "4463",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4463"
},
{
"name": "integramod-archivetopic-file-include(36832)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36832"
},
{
"name": "25832",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25832"
},
{
"name": "26991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26991"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5140",
"datePublished": "2007-09-28T21:00:00.000Z",
"dateReserved": "2007-09-28T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:24:41.720Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4368 (GCVE-0-2006-4368)
Vulnerability from cvelistv5 – Published: 2006-08-26 01:00 – Updated: 2024-08-07 19:06
VLAI
Summary
PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/444207/100… | mailing-listx_refsource_BUGTRAQ |
| https://www.exploit-db.com/exploits/2250 | exploitx_refsource_EXPLOIT-DB |
| http://www.nukedx.com/?viewdoc=47 | x_refsource_MISC |
| http://www.securityfocus.com/bid/19689 | vdb-entryx_refsource_BID |
| http://marc.info/?l=full-disclosure&m=11564105241… | mailing-listx_refsource_FULLDISC |
Date Public
2006-08-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "integramod-includes-file-inclusion(28547)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28547"
},
{
"name": "20060824 Advisory: Integramod Portal \u003c= 2.x File Inclusion Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444207/100/0/threaded"
},
{
"name": "2250",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2250"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nukedx.com/?viewdoc=47"
},
{
"name": "19689",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19689"
},
{
"name": "20060824 Integramod Portal \u003c= 2.x File Inclusion",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115641052418714\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "integramod-includes-file-inclusion(28547)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28547"
},
{
"name": "20060824 Advisory: Integramod Portal \u003c= 2.x File Inclusion Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444207/100/0/threaded"
},
{
"name": "2250",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2250"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nukedx.com/?viewdoc=47"
},
{
"name": "19689",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19689"
},
{
"name": "20060824 Integramod Portal \u003c= 2.x File Inclusion",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115641052418714\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4368",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "integramod-includes-file-inclusion(28547)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28547"
},
{
"name": "20060824 Advisory: Integramod Portal \u003c= 2.x File Inclusion Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444207/100/0/threaded"
},
{
"name": "2250",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2250"
},
{
"name": "http://www.nukedx.com/?viewdoc=47",
"refsource": "MISC",
"url": "http://www.nukedx.com/?viewdoc=47"
},
{
"name": "19689",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19689"
},
{
"name": "20060824 Integramod Portal \u003c= 2.x File Inclusion",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=115641052418714\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4368",
"datePublished": "2006-08-26T01:00:00.000Z",
"dateReserved": "2006-08-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:06:07.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4369 (GCVE-0-2006-4369)
Vulnerability from cvelistv5 – Published: 2006-08-26 01:00 – Updated: 2024-08-07 19:06
VLAI
Summary
Absolute path traversal vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via an absolute pathname in the phpbb_root_path parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/444207/100… | mailing-listx_refsource_BUGTRAQ |
| https://www.exploit-db.com/exploits/2250 | exploitx_refsource_EXPLOIT-DB |
| http://www.nukedx.com/?viewdoc=47 | x_refsource_MISC |
| http://www.securityfocus.com/bid/19689 | vdb-entryx_refsource_BID |
| http://marc.info/?l=full-disclosure&m=11564105241… | mailing-listx_refsource_FULLDISC |
Date Public
2006-08-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "integramod-includes-file-inclusion(28547)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28547"
},
{
"name": "20060824 Advisory: Integramod Portal \u003c= 2.x File Inclusion Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444207/100/0/threaded"
},
{
"name": "2250",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2250"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nukedx.com/?viewdoc=47"
},
{
"name": "19689",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19689"
},
{
"name": "20060824 Integramod Portal \u003c= 2.x File Inclusion",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115641052418714\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Absolute path traversal vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via an absolute pathname in the phpbb_root_path parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "integramod-includes-file-inclusion(28547)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28547"
},
{
"name": "20060824 Advisory: Integramod Portal \u003c= 2.x File Inclusion Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444207/100/0/threaded"
},
{
"name": "2250",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2250"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nukedx.com/?viewdoc=47"
},
{
"name": "19689",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19689"
},
{
"name": "20060824 Integramod Portal \u003c= 2.x File Inclusion",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=115641052418714\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4369",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Absolute path traversal vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via an absolute pathname in the phpbb_root_path parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "integramod-includes-file-inclusion(28547)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28547"
},
{
"name": "20060824 Advisory: Integramod Portal \u003c= 2.x File Inclusion Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444207/100/0/threaded"
},
{
"name": "2250",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2250"
},
{
"name": "http://www.nukedx.com/?viewdoc=47",
"refsource": "MISC",
"url": "http://www.nukedx.com/?viewdoc=47"
},
{
"name": "19689",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19689"
},
{
"name": "20060824 Integramod Portal \u003c= 2.x File Inclusion",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=115641052418714\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4369",
"datePublished": "2006-08-26T01:00:00.000Z",
"dateReserved": "2006-08-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:06:07.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2984 (GCVE-0-2006-2984)
Vulnerability from cvelistv5 – Published: 2006-06-13 01:00 – Updated: 2024-08-07 18:16
VLAI
Summary
Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the STYLE_URL parameter. NOTE: it is possible that this issue is resultant from SQL injection.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/436457/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/1085 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/20528 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2006/2236 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/18464 | vdb-entryx_refsource_BID |
Date Public
2006-06-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:16:04.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060606 \u0027Multiple Sql injection and XSS in integramod portal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/436457/100/0/threaded"
},
{
"name": "1085",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1085"
},
{
"name": "20528",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20528"
},
{
"name": "ADV-2006-2236",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2236"
},
{
"name": "integramod-index-xss(27092)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27092"
},
{
"name": "18464",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18464"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the STYLE_URL parameter. NOTE: it is possible that this issue is resultant from SQL injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060606 \u0027Multiple Sql injection and XSS in integramod portal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/436457/100/0/threaded"
},
{
"name": "1085",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1085"
},
{
"name": "20528",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20528"
},
{
"name": "ADV-2006-2236",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2236"
},
{
"name": "integramod-index-xss(27092)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27092"
},
{
"name": "18464",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18464"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the STYLE_URL parameter. NOTE: it is possible that this issue is resultant from SQL injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060606 \u0027Multiple Sql injection and XSS in integramod portal",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/436457/100/0/threaded"
},
{
"name": "1085",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1085"
},
{
"name": "20528",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20528"
},
{
"name": "ADV-2006-2236",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2236"
},
{
"name": "integramod-index-xss(27092)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27092"
},
{
"name": "18464",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18464"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2984",
"datePublished": "2006-06-13T01:00:00.000Z",
"dateReserved": "2006-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:16:04.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2985 (GCVE-0-2006-2985)
Vulnerability from cvelistv5 – Published: 2006-06-13 01:00 – Updated: 2024-08-07 18:16
VLAI
Summary
SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via double-encoded "'" characters in the STYLE_URL parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.attrition.org/pipermail/vim/2006-June/… | mailing-listx_refsource_VIM |
| http://www.securityfocus.com/archive/1/436457/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/1085 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2006-06-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:16:04.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060612 verified SQL injection in IntegraMOD 1.4.0 (source inspection)",
"tags": [
"mailing-list",
"x_refsource_VIM",
"x_transferred"
],
"url": "http://www.attrition.org/pipermail/vim/2006-June/000847.html"
},
{
"name": "20060606 \u0027Multiple Sql injection and XSS in integramod portal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/436457/100/0/threaded"
},
{
"name": "1085",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1085"
},
{
"name": "integramod-index-sql-injection(27097)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27097"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via double-encoded \"\u0027\" characters in the STYLE_URL parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060612 verified SQL injection in IntegraMOD 1.4.0 (source inspection)",
"tags": [
"mailing-list",
"x_refsource_VIM"
],
"url": "http://www.attrition.org/pipermail/vim/2006-June/000847.html"
},
{
"name": "20060606 \u0027Multiple Sql injection and XSS in integramod portal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/436457/100/0/threaded"
},
{
"name": "1085",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1085"
},
{
"name": "integramod-index-sql-injection(27097)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27097"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2985",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to execute arbitrary SQL commands via double-encoded \"\u0027\" characters in the STYLE_URL parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060612 verified SQL injection in IntegraMOD 1.4.0 (source inspection)",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2006-June/000847.html"
},
{
"name": "20060606 \u0027Multiple Sql injection and XSS in integramod portal",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/436457/100/0/threaded"
},
{
"name": "1085",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1085"
},
{
"name": "integramod-index-sql-injection(27097)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27097"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2985",
"datePublished": "2006-06-13T01:00:00.000Z",
"dateReserved": "2006-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T18:16:04.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}