CyberSec.Space Logo
Back to CVE Browser

CVE-2006-7183

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0240%
EPSS Percentile8.87th
PublishedMar 30, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

PHP remote file inclusion vulnerability in styles.php in Exhibit Engine (EE) 1.22 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter.

Affected Platforms (CPE)

πŸ“¦
Photography On The Net

Exhibit Engine 2

<= 1.22

References & Advisories

πŸ”— http://www.securityfocus.com/bid/21313
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/30516
πŸ”— https://www.exploit-db.com/exploits/2850
πŸ”— http://www.securityfocus.com/bid/21313
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/30516
πŸ”— https://www.exploit-db.com/exploits/2850

Related Vulnerabilities

CVE-2005-18757.5

Multiple SQL injection vulnerabilities in list.php in Exhibit Engine (EE) 1.22 allow remote attackers to execute arbitrary SQL com...

CVE-2006-52927.5

PHP remote file inclusion vulnerability in photo_comment.php in Exhibit Engine 1.5 RC 4 and earlier allows remote attackers to exe...

CVE-2006-71846.8

Multiple PHP remote file inclusion vulnerabilities in Exhibit Engine (EE) 1.22, and possibly earlier, allow remote attackers to ex...

CVE-2026-48777

FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are ...