Description

PHP remote file inclusion vulnerability in templates/tmpl_dfl/scripts/index.php in BoonEx Dolphin 5.2 allows remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter. NOTE: it is possible that this issue overlaps CVE-2006-4189.

Remediation

References

CVE-2006-5410

Related Vulnerabilities

WordPress Plugin Ajax Gallery 'list.php' SQL Injection (3.0)

Oracle Application Server Other Vulnerability (CVE-2007-0286)

PostgreSQL Improper Input Validation Vulnerability (CVE-2019-10211)

WordPress Plugin Featured Content 'param' Parameter Cross-Site Scripting (0.0.1)

Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-33934)

Severity

Medium

Classification

CVE-2006-5410

Tags

Missing Update Known Vulnerabilities