cbcvebase.
CVE-2006-4204
published 2006-08-17

CVE-2006-4204: Multiple PHP remote file inclusion vulnerabilities in PHProjekt 5.1 and possibly earlier allow remote attackers to execute arbitrary PHP code via a URL in the…

PriorityP346high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
7.96%
94.0th percentile
Multiple PHP remote file inclusion vulnerabilities in PHProjekt 5.1 and possibly earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) path_pre parameter in lib/specialdays.php and the (2) lib_path parameter in lib/dbman_filter.inc.php.

Affected

8 ranges
VendorProductVersion rangeFixed in
phpprojektphpprojekt
phprojektphprojekt<= 5.1.1
phprojektphprojekt<= 5.1
phprojektphprojekt
phprojektphprojekt
phprojektphprojekt
phprojektphprojekt
phprojektphprojekt
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.