CVE-2006-3531

critical

Description

includes/editor/insert_image.php in Pivot 1.30 RC2 and earlier creates the authentication credentials from parameters, which allows remote attackers to obtain privileges and upload arbitrary files via modified (1) pass and (2) session parameters, and (3) pass and (4) userlevel indices of the (a) Pivot_Vars[] or (b) Users[] array parameters.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/27671

http://www.vupen.com/english/advisories/2006/2744

http://www.securityfocus.com/archive/1/439495/100/0/threaded

http://www.osvdb.org/27126

http://securityreason.com/securityalert/1214

http://secunia.com/advisories/20962

Details

Source: Mitre, NVD

Published: 2006-07-12

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.10876