CyberSec.Space Logo
Back to CVE Browser

CVE-2006-7130

HIGH
7.5
CVSS Severity Score
EPSS Score0.1700%
EPSS Percentile17.86th
PublishedMar 6, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

PHP remote file inclusion vulnerability in backend/primitives/cache/media.php in Jinzora 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter, a different vector than CVE-2006-6770.

Affected Platforms (CPE)

πŸ“¦
Jinzora

Jinzora

<= 2.1
πŸ“¦
Jinzora

Jinzora

= 0.1.1
πŸ“¦
Jinzora

Jinzora

= 0.2
πŸ“¦
Jinzora

Jinzora

= 0.3
πŸ“¦
Jinzora

Jinzora

= 0.3
πŸ“¦
Jinzora

Jinzora

= 0.3
πŸ“¦
Jinzora

Jinzora

= 0.3.1
πŸ“¦
Jinzora

Jinzora

= 0.4
πŸ“¦
Jinzora

Jinzora

= 0.5
πŸ“¦
Jinzora

Jinzora

= 0.6.2
πŸ“¦
Jinzora

Jinzora

= 0.7
πŸ“¦
Jinzora

Jinzora

= 0.8.1
πŸ“¦
Jinzora

Jinzora

= 0.8.2
πŸ“¦
Jinzora

Jinzora

= 0.9
πŸ“¦
Jinzora

Jinzora

= 0.9.1
πŸ“¦
Jinzora

Jinzora

= 0.9.2
πŸ“¦
Jinzora

Jinzora

= 0.9.3
πŸ“¦
Jinzora

Jinzora

= 0.9.4
πŸ“¦
Jinzora

Jinzora

= 0.9.5
πŸ“¦
Jinzora

Jinzora

= 1.0.1
πŸ“¦
Jinzora

Jinzora

= 1.1
πŸ“¦
Jinzora

Jinzora

= 2.0
πŸ“¦
Jinzora

Jinzora

= 2.0
πŸ“¦
Jinzora

Jinzora

= 2.0
πŸ“¦
Jinzora

Jinzora

= 2.0
πŸ“¦
Jinzora

Jinzora

= 2.0
πŸ“¦
Jinzora

Jinzora

= 2.0.1

References & Advisories

πŸ”— http://securityreason.com/securityalert/2351
πŸ”— http://www.securityfocus.com/archive/1/448290/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/20446
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/29436
πŸ”— https://www.exploit-db.com/exploits/2512
πŸ”— http://securityreason.com/securityalert/2351
πŸ”— http://www.securityfocus.com/archive/1/448290/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/20446

Related Vulnerabilities

CVE-2005-224910.0

Multiple unknown vulnerabilities in Jinzora 2.0.1 have unknown impact and attack vectors, possibly involving a PHP file inclusion ...

CVE-2006-713110.0

PHP remote file inclusion vulnerability in extras/mt.php in Jinzora 2.6 allows remote attackers to execute arbitrary PHP code via ...

CVE-2005-33307.5

The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, ...

CVE-2009-23137.5

Directory traversal vulnerability in index.php in Jinzora Media Jukebox 2.8 and earlier allows remote attackers to include and exe...

CVE-2006-7130 Detail & Impact Analysis | CVSS 7.5 (HIGH) | Cyber-Sec.Space | Cyber-Sec.Space