CVE-2006-5186

2006-10-0619:00:00

mitre

www.cve.org

AI Score

7.5

Confidence

High

EPSS

0.167

Percentile

96.1%

JSON

PHP remote file inclusion vulnerability in functions.php in phpMyProfiler 0.9.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the pmp_rel_path parameter.

References

forum.phpmyprofiler.de/viewtopic.php?p=2745#2745

secunia.com/advisories/22144

securityreason.com/securityalert/1696

securitytracker.com/id?1016980

www.phpmyprofiler.de/index.php?page=2

www.securityfocus.com/archive/1/447646/100/0/threaded

www.securityfocus.com/bid/20324

www.vupen.com/english/advisories/2006/3896

exchange.xforce.ibmcloud.com/vulnerabilities/29335

www.exploit-db.com/exploits/2470