CVE-2006-3175 - Vulnerability Details - OpenCVE

Multiple PHP remote file inclusion vulnerabilities in mcGuestbook 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) admin.php, (2) ecrire.php, and (3) lire.php. NOTE: it was later reported that the ecrire.php vector also affects 1.2. NOTE: this issue might be limited to a race condition during installation or an improper installation, since a completed installation creates an include file that prevents external control of the $lang variable.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mcguestbook	Mcguestbook

Configuration 1 [-]

cpe:2.3:a:mcguestbook:mcguestbook:1.3:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://securityreason.com/securityalert/1125
http://www.osvdb.org/27460
http://www.osvdb.org/27461
http://www.osvdb.org/27462
http://www.securityfocus.com/archive/1/437028/100/200/threaded
http://www.securityfocus.com/archive/1/437448/100/0/threaded
http://www.securityfocus.com/bid/18476
https://exchange.xforce.ibmcloud.com/vulnerabilities/27114

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-06-23T00:00:00

Updated: 2024-08-07T18:16:06.015Z

Reserved: 2006-06-22T00:00:00

Link: CVE-2006-3175

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-06-23T00:02:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2006-3175

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-06-16T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple PHP remote file inclusion vulnerabilities in mcGuestbook 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) admin.php, (2) ecrire.php, and (3) lire.php. NOTE: it was later reported that the ecrire.php vector also affects 1.2. NOTE: this issue might be limited to a race condition during installation or an improper installation, since a completed installation creates an include file that prevents external control of the $lang variable."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "mcguestbook-multiple-file-include(27114)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27114"}, {"name": "27460", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27460"}, {"name": "18476", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/18476"}, {"name": "20060616 file include exploits in mcGuestbook 1.3", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/437448/100/0/threaded"}, {"name": "27461", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27461"}, {"name": "1125", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/1125"}, {"name": "27462", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/27462"}, {"name": "20060613 file include exploits in mcGuestbook 1.3", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/437028/100/200/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-3175", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple PHP remote file inclusion vulnerabilities in mcGuestbook 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) admin.php, (2) ecrire.php, and (3) lire.php. NOTE: it was later reported that the ecrire.php vector also affects 1.2. NOTE: this issue might be limited to a race condition during installation or an improper installation, since a completed installation creates an include file that prevents external control of the $lang variable."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "mcguestbook-multiple-file-include(27114)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27114"}, {"name": "27460", "refsource": "OSVDB", "url": "http://www.osvdb.org/27460"}, {"name": "18476", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18476"}, {"name": "20060616 file include exploits in mcGuestbook 1.3", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/437448/100/0/threaded"}, {"name": "27461", "refsource": "OSVDB", "url": "http://www.osvdb.org/27461"}, {"name": "1125", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/1125"}, {"name": "27462", "refsource": "OSVDB", "url": "http://www.osvdb.org/27462"}, {"name": "20060613 file include exploits in mcGuestbook 1.3", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/437028/100/200/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T18:16:06.015Z"}, "title": "CVE Program Container", "references": [{"name": "mcguestbook-multiple-file-include(27114)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27114"}, {"name": "27460", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/27460"}, {"name": "18476", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/18476"}, {"name": "20060616 file include exploits in mcGuestbook 1.3", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/437448/100/0/threaded"}, {"name": "27461", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/27461"}, {"name": "1125", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/1125"}, {"name": "27462", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/27462"}, {"name": "20060613 file include exploits in mcGuestbook 1.3", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/437028/100/200/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-3175", "datePublished": "2006-06-23T00:00:00", "dateReserved": "2006-06-22T00:00:00", "dateUpdated": "2024-08-07T18:16:06.015Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mcguestbook:mcguestbook:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "FFF16958-9A94-4400-88A8-53D6B2087FCC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple PHP remote file inclusion vulnerabilities in mcGuestbook 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) admin.php, (2) ecrire.php, and (3) lire.php. NOTE: it was later reported that the ecrire.php vector also affects 1.2. NOTE: this issue might be limited to a race condition during installation or an improper installation, since a completed installation creates an include file that prevents external control of the $lang variable."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inclusi\u00f3n remota de archivo PHP en mcGuestbook v1.3 permite a atacantes remotos ejecutar c\u00f3digo PHP arbitrario a trav\u00e9s de una URL en el par\u00e1metro lang a (1) admin.php, (2) ecrire.php y lire.php (3). NOTA: se inform\u00f3 posteriormente que el vector ecrire.php tambi\u00e9n afecta a la versi\u00f3n v1.2. NOTA: este problema podr\u00eda estar limitado a una condici\u00f3n de carrera durante la instalaci\u00f3n o una instalaci\u00f3n inadecuada, ya que una instalaci\u00f3n completa crea un archivo de inclusi\u00f3n que impide el control externo de la variable $lang."}], "id": "CVE-2006-3175", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-06-23T00:02:00.000", "references": [{"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/1125"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27460"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27461"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/27462"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/437028/100/200/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/437448/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/18476"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27114"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/1125"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/27460"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/27461"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/27462"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/437028/100/200/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/437448/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/18476"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27114"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}