Dreamcost Dreamaccount vulnerabilities
2 known vulnerabilities affecting dreamcost/dreamaccount.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2006-6232P3HIGHCVSS 7.5PoCv3.12006-12-02
CVE-2006-6232 [HIGH] CVE-2006-6232: PHP remote file inclusion vulnerability in admin/index.php in DreamAccount 3.1 allows remote attacke
PHP remote file inclusion vulnerability in admin/index.php in DreamAccount 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.
nvd
CVE-2006-2881P3MEDIUMCVSS 5.1PoC≤ 3.12006-06-07
CVE-2006-2881 [MEDIUM] CVE-2006-2881: Multiple PHP remote file inclusion vulnerabilities in DreamAccount 3.1 and earlier, when register_gl
Multiple PHP remote file inclusion vulnerabilities in DreamAccount 3.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the da_path parameter in the (1) auth.cookie.inc.php, (2) auth.header.inc.php, or (3) auth.sessions.inc.php scripts.
nvd