CVE-2006-3993
published 2006-08-05CVE-2006-3993: PHP remote file inclusion vulnerability in copyright.php in Olaf Noehring The Search Engine Project (TSEP) 0.942 allows remote attackers to execute arbitrary…
PriorityP337medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EXPLOIT
EPSS
4.00%
89.2th percentile
PHP remote file inclusion vulnerability in copyright.php in Olaf Noehring The Search Engine Project (TSEP) 0.942 allows remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tsep | tsep | <= 0.942 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-4gw2-cpvx-xqjf: Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project (TSEP) 0
ghsa_unreviewed·2022-05-01·CVSS 5.1
CVE-2006-4055 [MEDIUM] GHSA-4gw2-cpvx-xqjf: Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project (TSEP) 0
Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project (TSEP) 0.942 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter to (1) include/colorswitch.php, (2) contentimages.class.php, (3) ipfunctions.php, (4) configfunctions.php, (5) printpagedetails.php, or (6) log.class.php. NOTE: the copyright.php vector is already covered by CVE-2006-3993.
GHSA
GHSA-v3g6-94hr-fgjg: PHP remote file inclusion vulnerability in copyright
ghsa_unreviewed·2022-05-01
CVE-2006-3993 [MEDIUM] GHSA-v3g6-94hr-fgjg: PHP remote file inclusion vulnerability in copyright
PHP remote file inclusion vulnerability in copyright.php in Olaf Noehring The Search Engine Project (TSEP) 0.942 allows remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/21291http://securityreason.com/securityalert/1323http://securitytracker.com/id?1016626http://www.bb-pcsecurity.de/sicherheit_269.htmhttp://www.securityfocus.com/archive/1/441828/100/0/threadedhttp://www.securityfocus.com/bid/19268http://www.vupen.com/english/advisories/2006/3095https://exchange.xforce.ibmcloud.com/vulnerabilities/28107https://svn.sourceforge.net/svnroot/tsep/tsep-svn/trunk/delivery/include/copyright.phphttps://www.exploit-db.com/exploits/2098http://secunia.com/advisories/21291http://securityreason.com/securityalert/1323http://securitytracker.com/id?1016626http://www.bb-pcsecurity.de/sicherheit_269.htmhttp://www.securityfocus.com/archive/1/441828/100/0/threadedhttp://www.securityfocus.com/bid/19268http://www.vupen.com/english/advisories/2006/3095https://exchange.xforce.ibmcloud.com/vulnerabilities/28107https://svn.sourceforge.net/svnroot/tsep/tsep-svn/trunk/delivery/include/copyright.phphttps://www.exploit-db.com/exploits/2098
2006-08-05
Published