CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Exhibit Engine: >> Exhibit Engine >> 1.5_rc4 Security Vulnerabilities

CVE-2006-5292

PHP remote file inclusion vulnerability in photo_comment.php in Exhibit Engine 1.5 RC 4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter.

CVSS Score

7.5

EPSS Score

0.041

Published

2006-10-16

Page 1

Vulnerabilities

Vulnerable Software

Exhibit Engine: >> Exhibit Engine >> 1.5_rc4 Security Vulnerabilities

Products

Pricing

Contact Us