PHP Remote File Inclusion Vulnerability in BinGo News by BinGo
CVE-2006-4649

Currently unrated

Key Information:

Vendor: Bingo News
Status: Bingo News
Vendor: CVE Published:; 8 September 2006

What is CVE-2006-4649?

A PHP remote file inclusion vulnerability exists in the bp_news.php file of BinGo News version 3.01 and earlier. This flaw allows remote attackers to include and execute arbitrary PHP scripts by manipulating the 'bnrep' parameter. Exploiting this vulnerability can lead to unauthorized access and execution of malicious code on the server, compromising the security of the application and potentially affecting sensitive data.

References

http://www.vupen.com/english/advisories/2006/3494

vdb-entryx_refsource_VUPEN

http://securitytracker.com/id?1016811

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/archive/1/445506/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 8, 2006
Vulnerability Reserved
Sep 8, 2006

CVE-2006-4649 Data

JSON

Bingo News

What is CVE-2006-4649?

References

Timeline