cbcvebase.
CVE-2006-2914
published 2006-06-23

CVE-2006-2914: PHP remote file inclusion vulnerability in DeluxeBB 1.06 allows remote attackers to execute arbitrary code via a URL in the templatefolder parameter to (1)…

PriorityP345medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EXPLOIT
EPSS
20.30%
97.2th percentile
PHP remote file inclusion vulnerability in DeluxeBB 1.06 allows remote attackers to execute arbitrary code via a URL in the templatefolder parameter to (1) postreply.php, (2) posting.php, (3) and pm/newpm.php in the deluxe/ directory, and (4) postreply.php, (5) posting.php, and (6) pm/newpm.php in the default/ directory.

Affected

1 ranges
VendorProductVersion rangeFixed in
deluxebbdeluxebb
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.