Detections
Analytics

CVE-2006-0044

critical

Description

Unspecified vulnerability in context.py in Albatross web application toolkit before 1.33 allows remote attackers to execute arbitrary commands via unspecified vectors involving template files and the "handling of submitted form fields".

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/24130

http://www.vupen.com/english/advisories/2006/0196

http://www.securityfocus.com/bid/16252

http://www.osvdb.org/22451

http://www.object-craft.com.au/projects/albatross/news.html

http://www.debian.org/security/2006/dsa-942

http://security.debian.org/pool/updates/main/a/albatross/albatross_1.20-2.diff.gz

http://secunia.com/advisories/18496

http://secunia.com/advisories/18457

Details

Source: Mitre, NVD

Published: 2006-01-18

Updated: 2025-04-03

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.01662