CyberSec.Space Logo
Back to CVE Browser

CVE-2006-7184

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.0950%
EPSS Percentile37.26th
PublishedMar 30, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple PHP remote file inclusion vulnerabilities in Exhibit Engine (EE) 1.22, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the toroot parameter to (1) fetchsettings.php or (2) fstyles.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected Platforms (CPE)

📦
Photography On The Net

Exhibit Engine 2

<= 1.22

References & Advisories

🔗 http://www.securityfocus.com/bid/20793
🔗 http://www.securityfocus.com/bid/20793

Related Vulnerabilities

CVE-2006-718310.0

PHP remote file inclusion vulnerability in styles.php in Exhibit Engine (EE) 1.22 and earlier allows remote attackers to execute a...

CVE-2005-18757.5

Multiple SQL injection vulnerabilities in list.php in Exhibit Engine (EE) 1.22 allow remote attackers to execute arbitrary SQL com...

CVE-2006-52927.5

PHP remote file inclusion vulnerability in photo_comment.php in Exhibit Engine 1.5 RC 4 and earlier allows remote attackers to exe...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...

CVE-2006-7184 Detail & Impact Analysis | CVSS 6.8 (MEDIUM) | Cyber-Sec.Space | Cyber-Sec.Space