Description
PHP remote file inclusion vulnerability in upgrader.php in Vanilla CMS 1.0.1 and earlier, when /conf/old_settings.php exists, allows remote attackers to execute arbitrary PHP code via a URL in the RootDirectory parameter. NOTE: this issue has been disputed by a third party who states that the RootDirectory parameter is initialized before being used, for version 1.0. CVE analysis concurs with the dispute, but it is unclear whether older versions are affected.
Exploits (1)
References (8)
Core References
Third Party Advisory, VDB Entry (mailing-list, x_refsource_bugtraq): http://www.securityfocus.com/archive/1/440938/100/0/threaded
Third Party Advisory (mailing-list, x_refsource_vim): http://www.attrition.org/pipermail/vim/2006-July/000937.html
Third Party Advisory (mailing-list, x_refsource_vim): http://www.attrition.org/pipermail/vim/2006-July/000944.html
Third Party Advisory, VDB Entry (mailing-list, x_refsource_bugtraq): http://www.securityfocus.com/archive/1/442450/100/0/threaded
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_sectrack): http://securitytracker.com/id?1016568
Exploit (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/19127
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_osvdb): http://www.osvdb.org/28287
Third Party Advisory (third-party-advisory, x_refsource_sreason): http://securityreason.com/securityalert/1281
Scores
EPSS: 0.0664
EPSS Percentile: 91.3%
Details
Status: published
Products (1)
lussumo/vanilla: < 1.0.1
Published: Jul 25, 2006
Tracked Since: Feb 18, 2026