CVE-2006-4635

Published: Sep 8, 2006Modified: Apr 16, 2026

6.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability: 8.0 / Impact: 6.4

Source: NVD

Description

Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related to the Equation attribute in Web_Extensions - Notitia (I/II). NOTE: due to lack of details, it is not clear whether this issue is file inclusion, static code injection, or another type of issue.

Affected (1)

Products: Squiz: Mysource Classic

1 product

Mysource Classic

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Squiz Mysource Classic	Up to 2.14.6

References (10)

http://classic.squiz.net/download/changelogs/change_log_2.14.8

Source: cve@mitre.org

http://secunia.com/advisories/21757

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/19868

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/3477

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/28768

Source: cve@mitre.org

http://classic.squiz.net/download/changelogs/change_log_2.14.8

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/21757

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/19868

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/3477

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/28768

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.