CyberSec.Space Logo
返回 CVE 浏览器

CVE-2006-7036

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0850%
EPSS Percentile39.74th
Published2007年2月23日
Last Modified2026年4月23日

Vulnerability Description

PHP remote file inclusion vulnerability in register.php for Andys Chat 4.5 allows remote attackers to execute arbitrary code via the action parameter. NOTE: this issue was announced by an unreliable researcher, but the vendor is no longer distributing the product, so the original claims can not be evaluated.

Affected Platforms (CPE)

📦
Andys Chat

Andys Chat

= 4.5

References & Advisories

🔗 http://securityreason.com/securityalert/2284
🔗 http://www.securityfocus.com/archive/1/437300/30/4350/threaded
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/27187
🔗 http://securityreason.com/securityalert/2284
🔗 http://www.securityfocus.com/archive/1/437300/30/4350/threaded
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/27187

相关漏洞威胁

CVE-2006-623510.0

A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to ...

CVE-2006-610210.0

Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X ser...

CVE-2006-446110.0

Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the pr...

CVE-2006-021810.0

Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before 1.0.2 have unspecified impact and attack vectors, related to...