CVE-2006-1013

critical

Description

PHP remote file include vulnerability in index.php in SMartBlog (aka SMBlog) 1.2 allows remote attackers to include and execute arbitrary PHP files via (1) the pg parameter and (2) a query string without a parameter.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/25220

http://www.securityfocus.com/bid/16905

http://www.securityfocus.com/archive/1/426498/100/0/threaded

Details

Source: Mitre, NVD

Published: 2006-03-07

Updated: 2026-04-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.03359

Detections

Analytics