CyberSec.Space Logo
返回 CVE 浏览器

CVE-2006-7184

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.0950%
EPSS Percentile37.26th
Published2007年3月30日
Last Modified2026年4月23日

Vulnerability Description

Multiple PHP remote file inclusion vulnerabilities in Exhibit Engine (EE) 1.22, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the toroot parameter to (1) fetchsettings.php or (2) fstyles.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected Platforms (CPE)

📦
Photography On The Net

Exhibit Engine 2

<= 1.22

References & Advisories

🔗 http://www.securityfocus.com/bid/20793
🔗 http://www.securityfocus.com/bid/20793

相关漏洞威胁

CVE-2006-718310.0

PHP remote file inclusion vulnerability in styles.php in Exhibit Engine (EE) 1.22 and earlier allows remote attackers to execute a...

CVE-2005-18757.5

Multiple SQL injection vulnerabilities in list.php in Exhibit Engine (EE) 1.22 allow remote attackers to execute arbitrary SQL com...

CVE-2006-52927.5

PHP remote file inclusion vulnerability in photo_comment.php in Exhibit Engine 1.5 RC 4 and earlier allows remote attackers to exe...

CVE-2006-446110.0

Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the pr...