WM-News v0.5 - Remote File Include Vulnerabilities Date: 2006.09.12 Credit: erne Risk: High CVE: CVE-2006-4666 CWE: CWE-94 Local: No Remote: Yes CVSS Scores Base Score: 7.5/10 Exploit Range: Remote Confidentiality Impact: Partial Impact Subscore: 6.4/10 - Attack Complexity: Low - Integrity Impact: Partial - Availability Impact: Partial Exploitability Subscore: 10/10 - Authentication: Not required Affected URLs References Site: http://www.comscripts.com/jump.php?action=script&id=203 Script: WM-News v0.5 Credits: ERNE Contact: erne(at)ernealizm(dot)com Acknowledgments BLACKWHITE, B财税, FearLessS, B3g0k, Liz0zim, EntRiKa, Dj_Remix, Di_Lejyoner