Vulnerability Description
Multiple PHP remote file inclusion vulnerabilities in Dolphin 5.1 allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) index.php, (2) aemodule.php, (3) browse.php, (4) cc.php, (5) click.php, (6) faq.php, (7) gallery.php, (8) im.php, (9) inbox.php, (10) join_form.php, (11) logout.php, (12) messages_inbox.php, and many other scripts.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Boonex | Dolphin | 5.1 |
References
- http://secunia.com/advisories/21535Vendor Advisory
- http://securitytracker.com/id?1016692Exploit
- http://www.osvdb.org/28473Exploit
- http://www.osvdb.org/28474Exploit
- http://www.osvdb.org/28478Exploit
- http://www.osvdb.org/28479Exploit
- http://www.osvdb.org/28485Exploit
- http://www.osvdb.org/28492Exploit
- http://www.osvdb.org/28493Exploit
- http://www.osvdb.org/28496Exploit
- http://www.osvdb.org/28498Exploit
- http://www.osvdb.org/28499Exploit
- http://www.osvdb.org/28500Exploit
- http://www.osvdb.org/28501Exploit
- http://www.osvdb.org/28502Exploit
FAQ
What is CVE-2006-4189?
CVE-2006-4189 is a vulnerability with a CVSS score of 5.1 (MEDIUM). Multiple PHP remote file inclusion vulnerabilities in Dolphin 5.1 allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) index.php, (2) aemodule.php, (3) brows...
How severe is CVE-2006-4189?
CVE-2006-4189 has been rated MEDIUM with a CVSS base score of 5.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4189?
Check the references section above for vendor advisories and patch information. Affected products include: Boonex Dolphin.