daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Auto Generated CVE annotations [Mon Nov 15 18:12:13 UTC 2021] 🤖

patch-1
GitHub Action 2021-11-15 18:12:13 +00:00
parent fc2f0a0ea3
commit 8b4f86274d
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cves/2006/CVE-2006-2842.yaml
View File

@ -6,6 +6,7 @@ info:
severity: high
reference: https://www.exploit-db.com/exploits/27948
tags: cve2006,lfi,squirrelmail
description: "** DISPUTED ** PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter. NOTE: this issue has been disputed by third parties, who state that Squirrelmail provides prominent warnings to the administrator when register_globals is enabled. Since the varieties of administrator negligence are uncountable, perhaps this type of issue should not be included in CVE. However, the original developer has posted a security advisory, so there might be relevant real-world environments under which this vulnerability is applicable."
requests:
- method: GET