CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-7183

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0240%
EPSS Percentile8.87th
Published2007年3月30日
Last Modified2026年4月23日

Vulnerability Description

PHP remote file inclusion vulnerability in styles.php in Exhibit Engine (EE) 1.22 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter.

Affected Platforms (CPE)

📦
Photography On The Net

Exhibit Engine 2

<= 1.22

References & Advisories

🔗 http://www.securityfocus.com/bid/21313
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/30516
🔗 https://www.exploit-db.com/exploits/2850
🔗 http://www.securityfocus.com/bid/21313
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/30516
🔗 https://www.exploit-db.com/exploits/2850

関連する脆弱性情報

CVE-2005-18757.5

Multiple SQL injection vulnerabilities in list.php in Exhibit Engine (EE) 1.22 allow remote attackers to execute arbitrary SQL com...

CVE-2006-52927.5

PHP remote file inclusion vulnerability in photo_comment.php in Exhibit Engine 1.5 RC 4 and earlier allows remote attackers to exe...

CVE-2006-71846.8

Multiple PHP remote file inclusion vulnerabilities in Exhibit Engine (EE) 1.22, and possibly earlier, allow remote attackers to ex...

CVE-2006-446110.0

Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the pr...