What is CVE-2006-1551?

CVE-2006-1551 is a vulnerability in N/a. Published 2006-04-13.

Is CVE-2006-1551 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2006-1551

Eval injection vulnerability in pajax_call_dispatcher.php in PAJAX 0.5.1 and earlier allows remote attackers to execute arbitrary code via the (1) $method and (2) $args parameters.

EPSS: 0.721 (98.8th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

19653 (x_refsource_SECUNIA, third-party-advisory)
pajax-pajaxcalldispatcher-code-execution(25859) (vdb-entry, x_refsource_XF)
24618 (x_refsource_OSVDB, vdb-entry)
17519 (vdb-entry, x_refsource_BID)
20060413 PAJAX Remote Code Injection and File Inclusion Vulnerability (mailing-list, x_refsource_BUGTRAQ)
20060413 PAJAX Remote file inclusion and File Inclusion Vulnerability (mailing-list, x_refsource_FULLDISC)
ADV-2006-1353 (vdb-entry, x_refsource_VUPEN)
www.redteam-pentesting.de/advisories/rt-sa-2006-001.php (x_refsource_MISC)

Frequently asked questions

What is CVE-2006-1551?: CVE-2006-1551 is a vulnerability in N/a. Published 2006-04-13.
Is CVE-2006-1551 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.