Search
Find a vulnerability
Search criteria
4 vulnerabilities found for mysource_classic by squiz
CVE-2006-5036 (GCVE-0-2006-5036)
Vulnerability from nvd – Published: 2006-09-27 23:00 – Updated: 2024-08-07 19:32 Disputed
VLAI
Summary
MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that "The vendor does not consider this a vulnerability.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.aushack.com/advisories/200607-mysource… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/446722/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/1635 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/22060 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-09-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.885Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.aushack.com/advisories/200607-mysourcematrix.txt"
},
{
"name": "20060922 Squiz MySource Matrix Unauthorised Proxy and Cross Site Scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/446722/100/0/threaded"
},
{
"name": "1635",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1635"
},
{
"name": "mysource-sqremotepageurl-xss(29112)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29112"
},
{
"name": "22060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22060"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server\u0027s IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that \"The vendor does not consider this a vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.aushack.com/advisories/200607-mysourcematrix.txt"
},
{
"name": "20060922 Squiz MySource Matrix Unauthorised Proxy and Cross Site Scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/446722/100/0/threaded"
},
{
"name": "1635",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1635"
},
{
"name": "mysource-sqremotepageurl-xss(29112)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29112"
},
{
"name": "22060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22060"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5036",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server\u0027s IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that \"The vendor does not consider this a vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.aushack.com/advisories/200607-mysourcematrix.txt",
"refsource": "MISC",
"url": "http://www.aushack.com/advisories/200607-mysourcematrix.txt"
},
{
"name": "20060922 Squiz MySource Matrix Unauthorised Proxy and Cross Site Scripting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446722/100/0/threaded"
},
{
"name": "1635",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1635"
},
{
"name": "mysource-sqremotepageurl-xss(29112)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29112"
},
{
"name": "22060",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22060"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5036",
"datePublished": "2006-09-27T23:00:00.000Z",
"dateReserved": "2006-09-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:32:22.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4635 (GCVE-0-2006-4635)
Vulnerability from nvd – Published: 2006-09-08 20:00 – Updated: 2024-08-07 19:14
VLAI
Summary
Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related to the Equation attribute in Web_Extensions - Notitia (I/II). NOTE: due to lack of details, it is not clear whether this issue is file inclusion, static code injection, or another type of issue.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2006/3477 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/19868 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/21757 | third-party-advisoryx_refsource_SECUNIA |
| http://classic.squiz.net/download/changelogs/chan… | x_refsource_CONFIRM |
Date Public
2006-09-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:14:47.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-3477",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3477"
},
{
"name": "19868",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19868"
},
{
"name": "mysource-equation-code-execution(28768)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28768"
},
{
"name": "21757",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21757"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://classic.squiz.net/download/changelogs/change_log_2.14.8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related to the Equation attribute in Web_Extensions - Notitia (I/II). NOTE: due to lack of details, it is not clear whether this issue is file inclusion, static code injection, or another type of issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-3477",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3477"
},
{
"name": "19868",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19868"
},
{
"name": "mysource-equation-code-execution(28768)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28768"
},
{
"name": "21757",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21757"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://classic.squiz.net/download/changelogs/change_log_2.14.8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4635",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related to the Equation attribute in Web_Extensions - Notitia (I/II). NOTE: due to lack of details, it is not clear whether this issue is file inclusion, static code injection, or another type of issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3477",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3477"
},
{
"name": "19868",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19868"
},
{
"name": "mysource-equation-code-execution(28768)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28768"
},
{
"name": "21757",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21757"
},
{
"name": "http://classic.squiz.net/download/changelogs/change_log_2.14.8",
"refsource": "CONFIRM",
"url": "http://classic.squiz.net/download/changelogs/change_log_2.14.8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4635",
"datePublished": "2006-09-08T20:00:00.000Z",
"dateReserved": "2006-09-08T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:14:47.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5036 (GCVE-0-2006-5036)
Vulnerability from cvelistv5 – Published: 2006-09-27 23:00 – Updated: 2024-08-07 19:32 Disputed
VLAI
Summary
MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that "The vendor does not consider this a vulnerability.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.aushack.com/advisories/200607-mysource… | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/446722/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/1635 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/22060 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-09-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.885Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.aushack.com/advisories/200607-mysourcematrix.txt"
},
{
"name": "20060922 Squiz MySource Matrix Unauthorised Proxy and Cross Site Scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/446722/100/0/threaded"
},
{
"name": "1635",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1635"
},
{
"name": "mysource-sqremotepageurl-xss(29112)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29112"
},
{
"name": "22060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22060"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server\u0027s IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that \"The vendor does not consider this a vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.aushack.com/advisories/200607-mysourcematrix.txt"
},
{
"name": "20060922 Squiz MySource Matrix Unauthorised Proxy and Cross Site Scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/446722/100/0/threaded"
},
{
"name": "1635",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1635"
},
{
"name": "mysource-sqremotepageurl-xss(29112)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29112"
},
{
"name": "22060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22060"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5036",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server\u0027s IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that \"The vendor does not consider this a vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.aushack.com/advisories/200607-mysourcematrix.txt",
"refsource": "MISC",
"url": "http://www.aushack.com/advisories/200607-mysourcematrix.txt"
},
{
"name": "20060922 Squiz MySource Matrix Unauthorised Proxy and Cross Site Scripting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446722/100/0/threaded"
},
{
"name": "1635",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1635"
},
{
"name": "mysource-sqremotepageurl-xss(29112)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29112"
},
{
"name": "22060",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22060"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5036",
"datePublished": "2006-09-27T23:00:00.000Z",
"dateReserved": "2006-09-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:32:22.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4635 (GCVE-0-2006-4635)
Vulnerability from cvelistv5 – Published: 2006-09-08 20:00 – Updated: 2024-08-07 19:14
VLAI
Summary
Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related to the Equation attribute in Web_Extensions - Notitia (I/II). NOTE: due to lack of details, it is not clear whether this issue is file inclusion, static code injection, or another type of issue.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2006/3477 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/19868 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/21757 | third-party-advisoryx_refsource_SECUNIA |
| http://classic.squiz.net/download/changelogs/chan… | x_refsource_CONFIRM |
Date Public
2006-09-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:14:47.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-3477",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3477"
},
{
"name": "19868",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19868"
},
{
"name": "mysource-equation-code-execution(28768)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28768"
},
{
"name": "21757",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21757"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://classic.squiz.net/download/changelogs/change_log_2.14.8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related to the Equation attribute in Web_Extensions - Notitia (I/II). NOTE: due to lack of details, it is not clear whether this issue is file inclusion, static code injection, or another type of issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-3477",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3477"
},
{
"name": "19868",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19868"
},
{
"name": "mysource-equation-code-execution(28768)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28768"
},
{
"name": "21757",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21757"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://classic.squiz.net/download/changelogs/change_log_2.14.8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4635",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related to the Equation attribute in Web_Extensions - Notitia (I/II). NOTE: due to lack of details, it is not clear whether this issue is file inclusion, static code injection, or another type of issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3477",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3477"
},
{
"name": "19868",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19868"
},
{
"name": "mysource-equation-code-execution(28768)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28768"
},
{
"name": "21757",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21757"
},
{
"name": "http://classic.squiz.net/download/changelogs/change_log_2.14.8",
"refsource": "CONFIRM",
"url": "http://classic.squiz.net/download/changelogs/change_log_2.14.8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4635",
"datePublished": "2006-09-08T20:00:00.000Z",
"dateReserved": "2006-09-08T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:14:47.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}