CVE-2006-0881

Published: Feb 24, 2006Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php in Noah's Classifieds 1.3, when register_globals is enabled, allow remote attackers to include arbitrary PHP files via the (1) upperTemplate and (2) lowerTemplate parameters, as demonstrated using the lowerTemplate parameter to index.php.

Affected (2)

Products: Phpoutsourcing: Noahs Classifieds

1 product

Noahs Classifieds

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Phpoutsourcing Noahs Classifieds	Version 1.2
Phpoutsourcing Noahs Classifieds	Version 1.3

References (12)

http://securitytracker.com/id?1015667

Source: cve@mitre.org

http://www.kapda.ir/advisory-268.html

Source: cve@mitre.org

ExploitVendor Advisory

http://www.securityfocus.com/archive/1/425783/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/16780

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2006/0703

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/24899

Source: cve@mitre.org

http://securitytracker.com/id?1015667

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kapda.ir/advisory-268.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

http://www.securityfocus.com/archive/1/425783/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/16780

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.vupen.com/english/advisories/2006/0703

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/24899

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.