CyberSec.Space Logo
Back to CVE Browser

CVE-2006-7131

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0930%
EPSS Percentile2.39th
PublishedMar 6, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

PHP remote file inclusion vulnerability in extras/mt.php in Jinzora 2.6 allows remote attackers to execute arbitrary PHP code via the web_root parameter.

Affected Platforms (CPE)

πŸ“¦
Jinzora

Jinzora

= 2.6

References & Advisories

πŸ”— http://securityreason.com/securityalert/2352
πŸ”— http://www.securityfocus.com/archive/1/448703/100/0/threaded
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/29556
πŸ”— https://www.exploit-db.com/exploits/2558
πŸ”— http://securityreason.com/securityalert/2352
πŸ”— http://www.securityfocus.com/archive/1/448703/100/0/threaded
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/29556
πŸ”— https://www.exploit-db.com/exploits/2558

Related Vulnerabilities

CVE-2005-224910.0

Multiple unknown vulnerabilities in Jinzora 2.0.1 have unknown impact and attack vectors, possibly involving a PHP file inclusion ...

CVE-2005-33307.5

The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, ...

CVE-2006-71307.5

PHP remote file inclusion vulnerability in backend/primitives/cache/media.php in Jinzora 2.1 and earlier allows remote attackers t...

CVE-2009-23137.5

Directory traversal vulnerability in index.php in Jinzora Media Jukebox 2.8 and earlier allows remote attackers to include and exe...

CVE-2006-7131 Detail & Impact Analysis | CVSS 10.0 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space