CyberSec.Space Logo
Back to CVE Browser

CVE-2006-7036

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0850%
EPSS Percentile39.74th
PublishedFeb 23, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

PHP remote file inclusion vulnerability in register.php for Andys Chat 4.5 allows remote attackers to execute arbitrary code via the action parameter. NOTE: this issue was announced by an unreliable researcher, but the vendor is no longer distributing the product, so the original claims can not be evaluated.

Affected Platforms (CPE)

πŸ“¦
Andys Chat

Andys Chat

= 4.5

References & Advisories

πŸ”— http://securityreason.com/securityalert/2284
πŸ”— http://www.securityfocus.com/archive/1/437300/30/4350/threaded
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/27187
πŸ”— http://securityreason.com/securityalert/2284
πŸ”— http://www.securityfocus.com/archive/1/437300/30/4350/threaded
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/27187

Related Vulnerabilities

CVE-2006-011910.0

Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due...

CVE-2006-610210.0

Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X ser...

CVE-2006-502510.0

Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.2 have unknown impact and attack ve...

CVE-2006-012810.0

Buffer overflow in the IMAP service of Rockliffe MailSite before 6.1.22.1 allows remote attackers to have an unknown impact via un...