CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Php Album: Security Vulnerabilities

CVE-2006-1839

PHP remote file inclusion vulnerability in language.php in PHP Album 0.3.2.3, when register_globals is enabled, allows remote attackers to execute arbitrary code via an FTP URL in the data_dir parameter, which satisfies the file_exists function call.

CVSS Score

7.5

EPSS Score

0.037

Published

2006-04-19

Page 1

Vulnerabilities

Vulnerable Software

Php Album: Security Vulnerabilities

Products

Pricing

Contact Us