PHP Remote File Inclusion Vulnerability in TinyWebGallery by TinyWebGallery
CVE-2006-4166

Currently unrated

Key Information:

Vendor

Tinywebgallery

Status
Tinywebgallery
Vendor
CVE Published:
16 August 2006

What is CVE-2006-4166?

TinyWebGallery versions up to 1.5 are subject to a PHP remote file inclusion vulnerability that allows remote attackers to execute arbitrary PHP code. This can be achieved by manipulating the image parameter in the image.php or image.php2 files, potentially leading to unauthorized actions and security breaches on affected servers. Website administrators should take immediate steps to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/archive/1/443353/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/442818/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://securityreason.com/securityalert/1393
third-party-advisoryx_refsource_SREASON

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.