PHP Remote File Inclusion Vulnerability in Loudblog by Loudblog Team
CVE-2006-0565

Currently unrated

Key Information:

Vendor: Gerrit Van Aaken
Status: Loudblog
Vendor: CVE Published:; 6 February 2006

🔔 Create Gerrit Van Aaken Vulnerability Alert

What is CVE-2006-0565?

A remote file inclusion vulnerability exists in the inc/backend_settings.php file of Loudblog versions 0.4 and earlier, enabling attackers to execute arbitrary PHP code via a crafted URL in the $GLOBALS[path] parameter. This flaw can potentially lead to unauthorized access to sensitive information or compromise of the server's integrity, making it crucial for users of affected versions to apply available patches or upgrade to secure versions to prevent exploitation.

References

http://securityreason.com/securityalert/410

third-party-advisoryx_refsource_SREASON

http://www.osvdb.org/22921

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/24479

vdb-entryx_refsource_XF

EPSS Score

17% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 6, 2006
Vulnerability Reserved
Feb 6, 2006

CVE-2006-0565 Data

JSON