Search...

CVE-2006-4189

2006-08-17T01:04:00

ID CVE-2006-4189
Type cve
Reporter cve@mitre.org
Modified 2017-07-20T01:32:00

Description

Multiple PHP remote file inclusion vulnerabilities in Dolphin 5.1 allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) index.php, (2) aemodule.php, (3) browse.php, (4) cc.php, (5) click.php, (6) faq.php, (7) gallery.php, (8) im.php, (9) inbox.php, (10) join_form.php, (11) logout.php, (12) messages_inbox.php, and many other scripts.

JSON Vulners Source

Initial Source

{"id": "CVE-2006-4189", "bulletinFamily": "NVD", "title": "CVE-2006-4189", "description": "Multiple PHP remote file inclusion vulnerabilities in Dolphin 5.1 allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) index.php, (2) aemodule.php, (3) browse.php, (4) cc.php, (5) click.php, (6) faq.php, (7) gallery.php, (8) im.php, (9) inbox.php, (10) join_form.php, (11) logout.php, (12) messages_inbox.php, and many other scripts.", "published": "2006-08-17T01:04:00", "modified": "2017-07-20T01:32:00", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4189", "reporter": "cve@mitre.org", "references": ["http://www.osvdb.org/28516", "http://www.osvdb.org/28501", "http://www.osvdb.org/28479", "http://www.osvdb.org/28512", "http://www.osvdb.org/28511", "http://www.osvdb.org/28515", "http://www.osvdb.org/28509", "http://www.osvdb.org/28527", "http://www.osvdb.org/28517", "http://www.osvdb.org/28500", "http://www.osvdb.org/28496", "http://www.vupen.com/english/advisories/2006/3346", "http://www.osvdb.org/28474", "http://www.osvdb.org/28473", "http://www.osvdb.org/28523", "http://www.osvdb.org/28520", "http://www.osvdb.org/28503", "http://www.osvdb.org/28507", "http://www.osvdb.org/28499", "http://securitytracker.com/id?1016692", "http://www.securityfocus.com/bid/21182", "http://www.osvdb.org/28519", "http://www.osvdb.org/28504", "http://www.osvdb.org/28513", "http://www.osvdb.org/28529", "http://www.osvdb.org/28502", "http://www.osvdb.org/28514", "http://www.osvdb.org/28498", "http://www.osvdb.org/28492", "http://www.osvdb.org/28485", "http://secunia.com/advisories/21535", "http://www.osvdb.org/28526", "http://www.osvdb.org/28521", "http://www.osvdb.org/28478", "http://www.osvdb.org/28528", "http://www.osvdb.org/28522", "https://exchange.xforce.ibmcloud.com/vulnerabilities/28363", "http://www.osvdb.org/28506", "http://www.osvdb.org/28508", "http://www.osvdb.org/28530", "http://www.osvdb.org/28493", "http://www.osvdb.org/28524", "http://www.osvdb.org/28505", "http://www.osvdb.org/28525", "http://www.osvdb.org/28510"], "cvelist": ["CVE-2006-4189"], "type": "cve", "lastseen": "2021-02-02T05:27:23", "edition": 4, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:28472", "OSVDB:28503", "OSVDB:28514", "OSVDB:28506", "OSVDB:28468", "OSVDB:28507", "OSVDB:28499", "OSVDB:28501", "OSVDB:28470", "OSVDB:28502"]}], "modified": "2021-02-02T05:27:23", "rev": 2}, "score": {"value": 6.7, "vector": "NONE", "modified": "2021-02-02T05:27:23", "rev": 2}, "vulnersScore": 6.7}, "cpe": ["cpe:/a:boonex:dolphin:5.1"], "affectedSoftware": [{"cpeName": "boonex:dolphin", "name": "boonex dolphin", "operator": "eq", "version": "5.1"}], "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:boonex:dolphin:5.1:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:boonex:dolphin:5.1:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "28498", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28498"}, {"name": "28513", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28513"}, {"name": "28501", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28501"}, {"name": "28499", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28499"}, {"name": "28516", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28516"}, {"name": "28503", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28503"}, {"name": "28496", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28496"}, {"name": "28507", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28507"}, {"name": "28473", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28473"}, {"name": "28506", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28506"}, {"name": "28523", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28523"}, {"name": "28509", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28509"}, {"name": "28502", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28502"}, {"name": "28505", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28505"}, {"name": "28517", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28517"}, {"name": "21535", "refsource": "SECUNIA", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21535"}, {"name": "dolphin-dirinc-file-include(28363)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28363"}, {"name": "ADV-2006-3346", "refsource": "VUPEN", "tags": [], "url": "http://www.vupen.com/english/advisories/2006/3346"}, {"name": "28493", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28493"}, {"name": "28525", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28525"}, {"name": "28504", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28504"}, {"name": "28492", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28492"}, {"name": "28528", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28528"}, {"name": "28522", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28522"}, {"name": "28519", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28519"}, {"name": "28526", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28526"}, {"name": "28508", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28508"}, {"name": "28512", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28512"}, {"name": "28529", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28529"}, {"name": "28521", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28521"}, {"name": "28520", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28520"}, {"name": "21182", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/21182"}, {"name": "28485", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28485"}, {"name": "28515", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28515"}, {"name": "28530", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28530"}, {"name": "28474", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28474"}, {"name": "28524", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28524"}, {"name": "28514", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28514"}, {"name": "28510", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28510"}, {"name": "28527", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28527"}, {"name": "1016692", "refsource": "SECTRACK", "tags": ["Exploit"], "url": "http://securitytracker.com/id?1016692"}, {"name": "28500", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28500"}, {"name": "28511", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28511"}, {"name": "28479", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28479"}, {"name": "28478", "refsource": "OSVDB", "tags": ["Exploit"], "url": "http://www.osvdb.org/28478"}]}

{"osvdb": [{"lastseen": "2017-04-28T13:20:24", "bulletinFamily": "software", "cvelist": ["CVE-2006-4189"], "edition": 1, "description": "## Vulnerability Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the blog.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the blog.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/blog.php?dir[inc]=[Evil Script]\n## References:\nVendor URL: http://www.boonex.com/products/dolphin/\nSecurity Tracker: 1016692\n[Secunia Advisory ID:21535](https://secuniaresearch.flexerasoftware.com/advisories/21535/)\nISS X-Force ID: 28363\nFrSIRT Advisory: ADV-2006-3346\n[CVE-2006-4189](https://vulners.com/cve/CVE-2006-4189)\n", "modified": "2006-08-14T02:49:04", "published": "2006-08-14T02:49:04", "href": "https://vulners.com/osvdb/OSVDB:28471", "id": "OSVDB:28471", "type": "osvdb", "title": "Dolphin blog.php dir[inc] Variable Remote File Inclusion", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:24", "bulletinFamily": "software", "cvelist": ["CVE-2006-4189"], "edition": 1, "description": "## Vulnerability Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the profile_activate.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the profile_activate.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/profile_activate.php?dir[inc]=[Evil Script]\n## References:\nVendor URL: http://www.boonex.com/products/dolphin/\nSecurity Tracker: 1016692\n[Secunia Advisory ID:21535](https://secuniaresearch.flexerasoftware.com/advisories/21535/)\nISS X-Force ID: 28363\nFrSIRT Advisory: ADV-2006-3346\n[CVE-2006-4189](https://vulners.com/cve/CVE-2006-4189)\n", "modified": "2006-08-14T02:49:04", "published": "2006-08-14T02:49:04", "href": "https://vulners.com/osvdb/OSVDB:28509", "id": "OSVDB:28509", "type": "osvdb", "title": "Dolphin profile_activate.php dir[inc] Variable Remote File Inclusion", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:24", "bulletinFamily": "software", "cvelist": ["CVE-2006-4189"], "edition": 1, "description": "## Vulnerability Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the search_result.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the search_result.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/search_result.php?dir[inc]=[Evil Script]\n## References:\nVendor URL: http://www.boonex.com/products/dolphin/\nSecurity Tracker: 1016692\n[Secunia Advisory ID:21535](https://secuniaresearch.flexerasoftware.com/advisories/21535/)\nISS X-Force ID: 28363\nFrSIRT Advisory: ADV-2006-3346\n[CVE-2006-4189](https://vulners.com/cve/CVE-2006-4189)\n", "modified": "2006-08-14T02:49:04", "published": "2006-08-14T02:49:04", "href": "https://vulners.com/osvdb/OSVDB:28519", "id": "OSVDB:28519", "type": "osvdb", "title": "Dolphin search_result.php dir[inc] Variable Remote File Inclusion", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:24", "bulletinFamily": "software", "cvelist": ["CVE-2006-4189"], "edition": 1, "description": "## Vulnerability Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the contact.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the contact.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/contact.php?dir[inc]=[Evil Script]\n## References:\nVendor URL: http://www.boonex.com/products/dolphin/\nSecurity Tracker: 1016692\n[Secunia Advisory ID:21535](https://secuniaresearch.flexerasoftware.com/advisories/21535/)\nISS X-Force ID: 28363\nFrSIRT Advisory: ADV-2006-3346\n[CVE-2006-4189](https://vulners.com/cve/CVE-2006-4189)\n", "modified": "2006-08-14T02:49:04", "published": "2006-08-14T02:49:04", "href": "https://vulners.com/osvdb/OSVDB:28480", "id": "OSVDB:28480", "type": "osvdb", "title": "Dolphin contact.php dir[inc] Variable Remote File Inclusion", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:24", "bulletinFamily": "software", "cvelist": ["CVE-2006-4189"], "edition": 1, "description": "## Vulnerability Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the unregister.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the unregister.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/unregister.php?dir[inc]=[Evil Script]\n## References:\nVendor URL: http://www.boonex.com/products/dolphin/\nSecurity Tracker: 1016692\n[Secunia Advisory ID:21535](https://secuniaresearch.flexerasoftware.com/advisories/21535/)\nISS X-Force ID: 28363\nFrSIRT Advisory: ADV-2006-3346\n[CVE-2006-4189](https://vulners.com/cve/CVE-2006-4189)\n", "modified": "2006-08-14T02:49:04", "published": "2006-08-14T02:49:04", "href": "https://vulners.com/osvdb/OSVDB:28528", "id": "OSVDB:28528", "type": "osvdb", "title": "Dolphin unregister.php dir[inc] Variable Remote File Inclusion", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:24", "bulletinFamily": "software", "cvelist": ["CVE-2006-4189"], "edition": 1, "description": "## Vulnerability Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the membership.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the membership.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/membership.php?dir[inc]=[Evil Script]\n## References:\nVendor URL: http://www.boonex.com/products/dolphin/\nSecurity Tracker: 1016692\n[Secunia Advisory ID:21535](https://secuniaresearch.flexerasoftware.com/advisories/21535/)\nISS X-Force ID: 28363\nFrSIRT Advisory: ADV-2006-3346\n[CVE-2006-4189](https://vulners.com/cve/CVE-2006-4189)\n", "modified": "2006-08-14T02:49:04", "published": "2006-08-14T02:49:04", "href": "https://vulners.com/osvdb/OSVDB:28498", "id": "OSVDB:28498", "type": "osvdb", "title": "Dolphin membership.php dir[inc] Variable Remote File Inclusion", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:24", "bulletinFamily": "software", "cvelist": ["CVE-2006-4189"], "edition": 1, "description": "## Vulnerability Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the rate.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the rate.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/rate.php?dir[inc]=[Evil Script]\n## References:\nVendor URL: http://www.boonex.com/products/dolphin/\nSecurity Tracker: 1016692\n[Secunia Advisory ID:21535](https://secuniaresearch.flexerasoftware.com/advisories/21535/)\nISS X-Force ID: 28363\nFrSIRT Advisory: ADV-2006-3346\n[CVE-2006-4189](https://vulners.com/cve/CVE-2006-4189)\n", "modified": "2006-08-14T02:49:04", "published": "2006-08-14T02:49:04", "href": "https://vulners.com/osvdb/OSVDB:28515", "id": "OSVDB:28515", "type": "osvdb", "title": "Dolphin rate.php dir[inc] Variable Remote File Inclusion", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:24", "bulletinFamily": "software", "cvelist": ["CVE-2006-4189"], "edition": 1, "description": "## Vulnerability Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the aemodule.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the aemodule.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/aemodule.php?dir[inc]=[Evil Script]\n## References:\nVendor URL: http://www.boonex.com/products/dolphin/\nSecurity Tracker: 1016692\n[Secunia Advisory ID:21535](https://secuniaresearch.flexerasoftware.com/advisories/21535/)\nISS X-Force ID: 28363\nFrSIRT Advisory: ADV-2006-3346\n[CVE-2006-4189](https://vulners.com/cve/CVE-2006-4189)\n", "modified": "2006-08-14T02:49:04", "published": "2006-08-14T02:49:04", "href": "https://vulners.com/osvdb/OSVDB:28469", "id": "OSVDB:28469", "type": "osvdb", "title": "Dolphin aemodule.php dir[inc] Variable Remote File Inclusion", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:24", "bulletinFamily": "software", "cvelist": ["CVE-2006-4189"], "edition": 1, "description": "## Vulnerability Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the profile_edit.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the profile_edit.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/profile_edit.php?dir[inc]=[Evil Script]\n## References:\nVendor URL: http://www.boonex.com/products/dolphin/\nSecurity Tracker: 1016692\n[Secunia Advisory ID:21535](https://secuniaresearch.flexerasoftware.com/advisories/21535/)\nISS X-Force ID: 28363\nFrSIRT Advisory: ADV-2006-3346\n[CVE-2006-4189](https://vulners.com/cve/CVE-2006-4189)\n", "modified": "2006-08-14T02:49:04", "published": "2006-08-14T02:49:04", "href": "https://vulners.com/osvdb/OSVDB:28511", "id": "OSVDB:28511", "type": "osvdb", "title": "Dolphin profile_edit.php dir[inc] Variable Remote File Inclusion", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:24", "bulletinFamily": "software", "cvelist": ["CVE-2006-4189"], "edition": 1, "description": "## Vulnerability Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the profile.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nDolphin contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the profile.php script not properly sanitizing user input supplied to the 'dir[inc]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/profile.php?dir[inc]=[Evil Script]\n## References:\nVendor URL: http://www.boonex.com/products/dolphin/\nSecurity Tracker: 1016692\n[Secunia Advisory ID:21535](https://secuniaresearch.flexerasoftware.com/advisories/21535/)\nISS X-Force ID: 28363\nFrSIRT Advisory: ADV-2006-3346\n[CVE-2006-4189](https://vulners.com/cve/CVE-2006-4189)\n", "modified": "2006-08-14T02:49:04", "published": "2006-08-14T02:49:04", "href": "https://vulners.com/osvdb/OSVDB:28508", "id": "OSVDB:28508", "type": "osvdb", "title": "Dolphin profile.php dir[inc] Variable Remote File Inclusion", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}