Vulnerability in Nucleus_group Nucleus_cms
CVE-2006-2583
PHP remote file inclusion vulnerability in nucleus/libs/PLUGINADMIN.php in Nucleus 3.22 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[DIR_LIBS] parameter.
EPSS: 0.071 (93.4th percentile) — read the EPSS interpretation.
Affected products
- Nucleus_group Nucleus_cms
- N/a — versions n/a
References
- cve@mitre.org (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_SREASON, third-party-advisory)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (Exploit, x_refsource_MISC)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_CONFIRM)