CVE-2006-5400
published 2006-10-18CVE-2006-5400: PHP remote file inclusion vulnerability in forum/track.php in CyberBrau 0.9.4, when register_globals is enabled, allows remote attackers to execute arbitrary…
PriorityP334medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EXPLOIT
EPSS
2.89%
85.1th percentile
PHP remote file inclusion vulnerability in forum/track.php in CyberBrau 0.9.4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cyberbrau | cyberbrau | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
CyberBrau 0.9.4 path file inclusion (EDB-2559 / XFDB-29551)
vuldb·2026-04-25·CVSS 5.1
CVE-2006-5400 [MEDIUM] CyberBrau 0.9.4 path file inclusion (EDB-2559 / XFDB-29551)
A vulnerability was found in CyberBrau 0.9.4. It has been rated as critical. Impacted is an unknown function. This manipulation of the argument path causes file inclusion.
This vulnerability is handled as CVE-2006-5400. The attack can be initiated remotely. Additionally, an exploit exists.
GHSA
GHSA-p59w-xhqc-hp76: PHP remote file inclusion vulnerability in forum/track
ghsa_unreviewed·2022-05-01
CVE-2006-5400 [MEDIUM] GHSA-p59w-xhqc-hp76: PHP remote file inclusion vulnerability in forum/track
PHP remote file inclusion vulnerability in forum/track.php in CyberBrau 0.9.4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
No detection rules found.
No writeups or analysis indexed.
2006-10-18
Published