CVE-2006-3172 (CNNVD-200606-405)

HIGH 有利用代码
中文标题:
Content-Builder 多个远程文件包含漏洞
英文标题:
Multiple PHP remote file inclusion vulnerabilities in Content*Builder 0.7.5 allow remote attackers t...
CVSS分数: 7.5
发布时间: 2006-06-23 00:00:00
漏洞类型: 代码注入
状态: PUBLISHED
数据质量分数: 0.40
数据版本: v4
漏洞描述
中文描述:

Content*Builder 0.7.5存在多个PHP远程文件包含漏洞。远程攻击者可以借助(1) 对(a) cms/plugins/col_man/column.inc.php, (b) cms/plugins/poll/poll.inc.php, (c) cms/plugins/user_managment/usrPortrait.inc.php, (d) cms/plugins/user_managment/user.inc.php, (e) cms/plugins/media_manager/media.inc.php, (f) cms/plugins/events/permanent.eventMonth.inc.php, (g) cms/plugins/events/events.inc.php和(h) cms/plugins/newsletter2/newsletter.inc.php的lang_path参数; (2)对 (i) modules/guestbook/guestbook.inc.php, (j) modules/shoutbox/shoutBox.php和(k) modules/sitemap/sitemap.inc.php的 path[cb]参数; 以及(3)对(l) modules/download/overview.inc.php, (m) modules/download/detailView.inc.php, (n) modules/article/fullarticle.inc.php, (o) modules/article/comments.inc.php, (p) modules/article2/overview.inc.php, (q) modules/article2/fullarticle.inc.php, (r) modules/article2/comments.inc.php, (s) modules/headline/headlineBox.php和(t) modules/headline/showHeadline.inc.php的 rel参数中带有尾随的斜线 (/) 字符的URL,执行任意PHP代码。

英文描述:

Multiple PHP remote file inclusion vulnerabilities in Content*Builder 0.7.5 allow remote attackers to execute arbitrary PHP code via a URL with a trailing slash (/) character in the (1) lang_path parameter to (a) cms/plugins/col_man/column.inc.php, (b) cms/plugins/poll/poll.inc.php, (c) cms/plugins/user_managment/usrPortrait.inc.php, (d) cms/plugins/user_managment/user.inc.php, (e) cms/plugins/media_manager/media.inc.php, (f) cms/plugins/events/permanent.eventMonth.inc.php, (g) cms/plugins/events/events.inc.php, and (h) cms/plugins/newsletter2/newsletter.inc.php; (2) path[cb] parameter to (i) modules/guestbook/guestbook.inc.php, (j) modules/shoutbox/shoutBox.php, and (k) modules/sitemap/sitemap.inc.php; and the (3) rel parameter to (l) modules/download/overview.inc.php, (m) modules/download/detailView.inc.php, (n) modules/article/fullarticle.inc.php, (o) modules/article/comments.inc.php, (p) modules/article2/overview.inc.php, (q) modules/article2/fullarticle.inc.php, (r) modules/article2/comments.inc.php, (s) modules/headline/headlineBox.php, and (t) modules/headline/showHeadline.inc.php.

CWE类型:
CWE-94
标签:
webapps php Federico Fazzi OSVDB-26363 OSVDB-26362 OSVDB-26361 OSVDB-26359 OSVDB-26357 OSVDB-26356 OSVDB-26355 OSVDB-26354 OSVDB-26353 OSVDB-26352 OSVDB-26351 OSVDB-26350 OSVDB-26349 OSVDB-26348 OSVDB-26347 OSVDB-26346 OSVDB-26345 OSVDB-26344
受影响产品
厂商 产品 版本 版本范围 平台 CPE
content\*builder content\*builder 0.7.5 - - cpe:2.3:a:content\*builder:content\*builder:0.7.5:*:*:*:*:*:*:*
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
26354 vdb-entry
cve.org
访问
26351 vdb-entry
cve.org
访问
26353 vdb-entry
cve.org
访问
26362 vdb-entry
cve.org
访问
26344 vdb-entry
cve.org
访问
26360 vdb-entry
cve.org
访问
26363 vdb-entry
cve.org
访问
26348 vdb-entry
cve.org
访问
contentbuilder-multiple-file-include(27044) vdb-entry
cve.org
访问
26352 vdb-entry
cve.org
访问
26357 vdb-entry
cve.org
访问
26356 vdb-entry
cve.org
访问
26350 vdb-entry
cve.org
访问
20060611 Content-Builder (CMS) 0.7.5, Remote command execution mailing-list
cve.org
访问
26355 vdb-entry
cve.org
访问
26345 vdb-entry
cve.org
访问
26358 vdb-entry
cve.org
访问
18404 vdb-entry
cve.org
访问
20557 third-party-advisory
cve.org
访问
26361 vdb-entry
cve.org
访问
26359 vdb-entry
cve.org
访问
26347 vdb-entry
cve.org
访问
ADV-2006-2300 vdb-entry
cve.org
访问
26349 vdb-entry
cve.org
访问
26346 vdb-entry
cve.org
访问
ExploitDB EDB-1903 EXPLOIT
exploitdb
访问
Download Exploit EDB-1903 EXPLOIT
exploitdb
访问
CVE Reference: CVE-2006-3172 ADVISORY
cve.org
访问
CVSS评分详情
7.5
HIGH
CVSS向量: AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS版本: 2.0
机密性
PARTIAL
完整性
PARTIAL
可用性
PARTIAL
时间信息
发布时间:
2006-06-23 00:00:00
修改时间:
2024-08-07 18:16:06
创建时间:
2025-11-11 15:32:35
更新时间:
2026-01-19 09:41:41
利用信息
此漏洞有可利用代码!
利用代码数量: 1
利用来源:
未知
数据源详情
数据源 记录ID 版本 提取时间
CVE cve_CVE-2006-3172 2025-11-11 15:17:43 2025-11-11 07:32:35
NVD nvd_CVE-2006-3172 2025-11-11 14:51:49 2025-11-11 07:41:20
CNNVD cnnvd_CNNVD-200606-405 2025-11-11 15:08:51 2025-11-11 07:49:08
EXPLOITDB exploitdb_EDB-1903 2025-11-11 15:05:32 2025-11-11 08:14:34
版本与语言
当前版本: v4
主要语言: EN
支持语言:
EN ZH
其他标识符:
:
:
安全公告
暂无安全公告信息
变更历史
v4 EXPLOITDB
2025-11-11 16:14:34
references_count: 25 → 28; tags_count: 0 → 21; data_sources: ['cnnvd', 'cve', 'nvd'] → ['cnnvd', 'cve', 'exploitdb', 'nvd']
查看详细变更
  • references_count: 25 -> 28
  • tags_count: 0 -> 21
  • data_sources: ['cnnvd', 'cve', 'nvd'] -> ['cnnvd', 'cve', 'exploitdb', 'nvd']
v3 CNNVD
2025-11-11 15:49:08
vulnerability_type: 未提取 → 代码注入; cnnvd_id: 未提取 → CNNVD-200606-405; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
  • vulnerability_type: 未提取 -> 代码注入
  • cnnvd_id: 未提取 -> CNNVD-200606-405
  • data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2 NVD
2025-11-11 15:41:20
severity: SeverityLevel.MEDIUM → SeverityLevel.HIGH; cvss_score: 未提取 → 7.5; cvss_vector: NOT_EXTRACTED → AV:N/AC:L/Au:N/C:P/I:P/A:P; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 1; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
  • severity: SeverityLevel.MEDIUM -> SeverityLevel.HIGH
  • cvss_score: 未提取 -> 7.5
  • cvss_vector: NOT_EXTRACTED -> AV:N/AC:L/Au:N/C:P/I:P/A:P
  • cvss_version: NOT_EXTRACTED -> 2.0
  • affected_products_count: 0 -> 1
  • data_sources: ['cve'] -> ['cve', 'nvd']