Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for mysource_classic by squiz

    CVE-2006-5036 (GCVE-0-2006-5036)

    Vulnerability from nvd – Published: 2006-09-27 23:00 – Updated: 2024-08-07 19:32 Disputed
    VLAI
    Summary
    MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that "The vendor does not consider this a vulnerability.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.aushack.com/advisories/200607-mysource… x_refsource_MISC
    http://www.securityfocus.com/archive/1/446722/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/1635 third-party-advisoryx_refsource_SREASON
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/22060 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:32:22.885Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.aushack.com/advisories/200607-mysourcematrix.txt"
              },
              {
                "name": "20060922 Squiz MySource Matrix Unauthorised Proxy and Cross Site Scripting",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/446722/100/0/threaded"
              },
              {
                "name": "1635",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1635"
              },
              {
                "name": "mysource-sqremotepageurl-xss(29112)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29112"
              },
              {
                "name": "22060",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22060"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server\u0027s IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that \"The vendor does not consider this a vulnerability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.aushack.com/advisories/200607-mysourcematrix.txt"
            },
            {
              "name": "20060922 Squiz MySource Matrix Unauthorised Proxy and Cross Site Scripting",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/446722/100/0/threaded"
            },
            {
              "name": "1635",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1635"
            },
            {
              "name": "mysource-sqremotepageurl-xss(29112)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29112"
            },
            {
              "name": "22060",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22060"
            }
          ],
          "tags": [
            "disputed"
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5036",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "** DISPUTED **  MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server\u0027s IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that \"The vendor does not consider this a vulnerability.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.aushack.com/advisories/200607-mysourcematrix.txt",
                  "refsource": "MISC",
                  "url": "http://www.aushack.com/advisories/200607-mysourcematrix.txt"
                },
                {
                  "name": "20060922 Squiz MySource Matrix Unauthorised Proxy and Cross Site Scripting",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/446722/100/0/threaded"
                },
                {
                  "name": "1635",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1635"
                },
                {
                  "name": "mysource-sqremotepageurl-xss(29112)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29112"
                },
                {
                  "name": "22060",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22060"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5036",
        "datePublished": "2006-09-27T23:00:00.000Z",
        "dateReserved": "2006-09-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:32:22.885Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4635 (GCVE-0-2006-4635)

    Vulnerability from nvd – Published: 2006-09-08 20:00 – Updated: 2024-08-07 19:14
    VLAI
    Summary
    Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related to the Equation attribute in Web_Extensions - Notitia (I/II). NOTE: due to lack of details, it is not clear whether this issue is file inclusion, static code injection, or another type of issue.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2006/3477 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/19868 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/21757 third-party-advisoryx_refsource_SECUNIA
    http://classic.squiz.net/download/changelogs/chan… x_refsource_CONFIRM
    Date Public
    2006-09-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:14:47.897Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2006-3477",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3477"
              },
              {
                "name": "19868",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19868"
              },
              {
                "name": "mysource-equation-code-execution(28768)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28768"
              },
              {
                "name": "21757",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21757"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://classic.squiz.net/download/changelogs/change_log_2.14.8"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related to the Equation attribute in Web_Extensions - Notitia (I/II).  NOTE: due to lack of details, it is not clear whether this issue is file inclusion, static code injection, or another type of issue."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2006-3477",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3477"
            },
            {
              "name": "19868",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19868"
            },
            {
              "name": "mysource-equation-code-execution(28768)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28768"
            },
            {
              "name": "21757",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21757"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://classic.squiz.net/download/changelogs/change_log_2.14.8"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4635",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related to the Equation attribute in Web_Extensions - Notitia (I/II).  NOTE: due to lack of details, it is not clear whether this issue is file inclusion, static code injection, or another type of issue."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2006-3477",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3477"
                },
                {
                  "name": "19868",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19868"
                },
                {
                  "name": "mysource-equation-code-execution(28768)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28768"
                },
                {
                  "name": "21757",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21757"
                },
                {
                  "name": "http://classic.squiz.net/download/changelogs/change_log_2.14.8",
                  "refsource": "CONFIRM",
                  "url": "http://classic.squiz.net/download/changelogs/change_log_2.14.8"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4635",
        "datePublished": "2006-09-08T20:00:00.000Z",
        "dateReserved": "2006-09-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:14:47.897Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5036 (GCVE-0-2006-5036)

    Vulnerability from cvelistv5 – Published: 2006-09-27 23:00 – Updated: 2024-08-07 19:32 Disputed
    VLAI
    Summary
    MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that "The vendor does not consider this a vulnerability.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.aushack.com/advisories/200607-mysource… x_refsource_MISC
    http://www.securityfocus.com/archive/1/446722/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/1635 third-party-advisoryx_refsource_SREASON
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/22060 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-09-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:32:22.885Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.aushack.com/advisories/200607-mysourcematrix.txt"
              },
              {
                "name": "20060922 Squiz MySource Matrix Unauthorised Proxy and Cross Site Scripting",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/446722/100/0/threaded"
              },
              {
                "name": "1635",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1635"
              },
              {
                "name": "mysource-sqremotepageurl-xss(29112)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29112"
              },
              {
                "name": "22060",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/22060"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server\u0027s IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that \"The vendor does not consider this a vulnerability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.aushack.com/advisories/200607-mysourcematrix.txt"
            },
            {
              "name": "20060922 Squiz MySource Matrix Unauthorised Proxy and Cross Site Scripting",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/446722/100/0/threaded"
            },
            {
              "name": "1635",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1635"
            },
            {
              "name": "mysource-sqremotepageurl-xss(29112)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29112"
            },
            {
              "name": "22060",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/22060"
            }
          ],
          "tags": [
            "disputed"
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5036",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "** DISPUTED **  MySource Matrix 3.8 and earlier, and MySource 2.x, allow remote attackers to use the application as an HTTP proxy server via the sq_remote_page_url parameter to access arbitrary sites with the server\u0027s IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that \"The vendor does not consider this a vulnerability.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.aushack.com/advisories/200607-mysourcematrix.txt",
                  "refsource": "MISC",
                  "url": "http://www.aushack.com/advisories/200607-mysourcematrix.txt"
                },
                {
                  "name": "20060922 Squiz MySource Matrix Unauthorised Proxy and Cross Site Scripting",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/446722/100/0/threaded"
                },
                {
                  "name": "1635",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1635"
                },
                {
                  "name": "mysource-sqremotepageurl-xss(29112)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29112"
                },
                {
                  "name": "22060",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/22060"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5036",
        "datePublished": "2006-09-27T23:00:00.000Z",
        "dateReserved": "2006-09-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:32:22.885Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4635 (GCVE-0-2006-4635)

    Vulnerability from cvelistv5 – Published: 2006-09-08 20:00 – Updated: 2024-08-07 19:14
    VLAI
    Summary
    Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related to the Equation attribute in Web_Extensions - Notitia (I/II). NOTE: due to lack of details, it is not clear whether this issue is file inclusion, static code injection, or another type of issue.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2006/3477 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/19868 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/21757 third-party-advisoryx_refsource_SECUNIA
    http://classic.squiz.net/download/changelogs/chan… x_refsource_CONFIRM
    Date Public
    2006-09-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:14:47.897Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2006-3477",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3477"
              },
              {
                "name": "19868",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19868"
              },
              {
                "name": "mysource-equation-code-execution(28768)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28768"
              },
              {
                "name": "21757",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21757"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://classic.squiz.net/download/changelogs/change_log_2.14.8"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related to the Equation attribute in Web_Extensions - Notitia (I/II).  NOTE: due to lack of details, it is not clear whether this issue is file inclusion, static code injection, or another type of issue."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2006-3477",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3477"
            },
            {
              "name": "19868",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19868"
            },
            {
              "name": "mysource-equation-code-execution(28768)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28768"
            },
            {
              "name": "21757",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21757"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://classic.squiz.net/download/changelogs/change_log_2.14.8"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4635",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related to the Equation attribute in Web_Extensions - Notitia (I/II).  NOTE: due to lack of details, it is not clear whether this issue is file inclusion, static code injection, or another type of issue."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2006-3477",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3477"
                },
                {
                  "name": "19868",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19868"
                },
                {
                  "name": "mysource-equation-code-execution(28768)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28768"
                },
                {
                  "name": "21757",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21757"
                },
                {
                  "name": "http://classic.squiz.net/download/changelogs/change_log_2.14.8",
                  "refsource": "CONFIRM",
                  "url": "http://classic.squiz.net/download/changelogs/change_log_2.14.8"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4635",
        "datePublished": "2006-09-08T20:00:00.000Z",
        "dateReserved": "2006-09-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:14:47.897Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }