CVE-2006-5413
published 2006-10-20CVE-2006-5413: Multiple PHP remote file inclusion vulnerabilities in SuperMod 3.0.0 for YABB (YaBBSM) allow remote attackers to execute arbitrary PHP code via a URL in the…
PriorityP342high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
3.16%
86.3th percentile
Multiple PHP remote file inclusion vulnerabilities in SuperMod 3.0.0 for YABB (YaBBSM) allow remote attackers to execute arbitrary PHP code via a URL in the sourcedir parameter to (1) Offline.php, (2) Sources/Admin.php, (3) Sources/Offline.php, or (4) content/portalshow.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| supermod | supermod | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
SuperMod 3.0.0 offline.php sourcedir file inclusion (EDB-2553 / XFDB-29559)
vuldb·2026-04-25·CVSS 7.5
CVE-2006-5413 [HIGH] SuperMod 3.0.0 offline.php sourcedir file inclusion (EDB-2553 / XFDB-29559)
A vulnerability was found in SuperMod 3.0.0. It has been declared as critical. The impacted element is an unknown function of the file offline.php. Such manipulation of the argument sourcedir leads to file inclusion.
This vulnerability is traded as CVE-2006-5413. The attack may be launched remotely. Furthermore, there is an exploit available.
GHSA
GHSA-m2c9-gh5x-86r8: Multiple PHP remote file inclusion vulnerabilities in SuperMod 3
ghsa_unreviewed·2022-05-01
CVE-2006-5413 [HIGH] GHSA-m2c9-gh5x-86r8: Multiple PHP remote file inclusion vulnerabilities in SuperMod 3
Multiple PHP remote file inclusion vulnerabilities in SuperMod 3.0.0 for YABB (YaBBSM) allow remote attackers to execute arbitrary PHP code via a URL in the sourcedir parameter to (1) Offline.php, (2) Sources/Admin.php, (3) Sources/Offline.php, or (4) content/portalshow.php.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/22437http://www.securityfocus.com/bid/20568http://www.securityfocus.com/bid/20570http://www.vupen.com/english/advisories/2006/4042https://exchange.xforce.ibmcloud.com/vulnerabilities/29559https://www.exploit-db.com/exploits/2553http://secunia.com/advisories/22437http://www.securityfocus.com/bid/20568http://www.securityfocus.com/bid/20570http://www.vupen.com/english/advisories/2006/4042https://exchange.xforce.ibmcloud.com/vulnerabilities/29559https://www.exploit-db.com/exploits/2553
2006-10-20
Published