{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T15:41:41.533","vulnerabilities":[{"cve":{"id":"CVE-2006-6852","sourceIdentifier":"cve@mitre.org","published":"2006-12-31T05:00:00.000","lastModified":"2026-06-16T22:33:55.630","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Eval injection vulnerability in tDiary 2.0.3 and 2.1.4.200 61127 allows remote authenticated users to execute arbitrary Ruby code via unspecified vectors, possibly related to incorrect input validation by (1) conf.rhtml and (2) i.conf.rhtml.  NOTE: some of these details are obtained from third party information."},{"lang":"es","value":"Vulnerabilidad de inyección de secuencias de entrada evaluables en tDiary 2.0.3 y 2.1.4.200 61127 permite a atacantes remotos autenticados ejecutar código Ruby de su elección mediante vectores no especificados, posiblemente referidos a validación de entrada incorrecta en (1) conf.rhtml y (2) i.conf.rhtml. \r\nNOTA: algunos de estos detalles se han obtenido de información de terceros."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:P/A:P","baseScore":6.0,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tdiary:tdiary:2.0.1:*:*:*:*:*:*:*","matchCriteriaId":"901E2D28-D124-4633-918B-CDB0EA08C8A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:tdiary:tdiary:2.0.2:*:*:*:*:*:*:*","matchCriteriaId":"A7D4A716-2D1B-47F0-BB24-EC8364CCD5FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:tdiary:tdiary:2.0.3:*:*:*:*:*:*:*","matchCriteriaId":"FD08310D-FF5A-4CFB-866C-9B7308230783"}]}]}],"references":[{"url":"http://jvn.jp/jp/JVN%2331185550/index.html","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/23465","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/21811","source":"cve@mitre.org"},{"url":"http://www.tdiary.org/20061210.html","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2006/5201","source":"cve@mitre.org"},{"url":"http://jvn.jp/jp/JVN%2331185550/index.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/23465","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/21811","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.tdiary.org/20061210.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2006/5201","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}