CyberSec.Space Logo
Back to CVE Browser

CVE-2006-0854

HIGH
7.5
CVSS Severity Score
EPSS Score0.1640%
EPSS Percentile3.21th
PublishedFeb 23, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

PHP remote file inclusion vulnerability in common.php in Intensive Point iUser Ecommerce allows remote attackers to include arbitrary files via a URL in the include_path variable, which is not initialized before being used.

Affected Platforms (CPE)

πŸ“¦
Intensive Point

Iuser Ecommerce

All versions

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0339.html
πŸ”— http://secunia.com/advisories/18903
πŸ”— http://www.osvdb.org/23429
πŸ”— http://www.securityfocus.com/bid/16787
πŸ”— http://www.vupen.com/english/advisories/2006/0699
πŸ”— http://www.xorcrew.net/xpa/XPA-iUser.txt
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/24724
πŸ”— http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0339.html

Related Vulnerabilities

CVE-2006-087410.0

Multiple unspecified vulnerabilities in Intensive Point iUser Ecommerce before 2.2 have unspecified vectors and impact, as address...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...