CVE-2006-5670

2006-11-0301:00:00

mitre

www.cve.org

7.5 High

AI Score

Confidence

Low

0.153 Low

EPSS

Percentile

95.9%

JSON

PHP remote file inclusion vulnerability in forgot_pass.php in Free Image Hosting 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter.

References

secunia.com/advisories/22597

www.osvdb.org/30127

www.securityfocus.com/bid/20782

www.vupen.com/english/advisories/2006/4229

exchange.xforce.ibmcloud.com/vulnerabilities/29873

www.exploit-db.com/exploits/2669