VYPR
Unrated severityNVD Advisory· Published Feb 13, 2006· Updated Jun 16, 2026

CVE-2006-0659

CVE-2006-0659

Description

Multiple PHP remote file include vulnerabilities in RunCMS 1.2 and earlier, with register_globals and allow_url_fopen enabled, allow remote attackers to execute arbitrary code via the bbPath[path] parameter in (1) class.forumposts.php and (2) forumpollrenderer.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Runcms/Runcms4 versions
    cpe:2.3:a:runcms:runcms:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:runcms:runcms:*:*:*:*:*:*:*:*range: <=1.2
    • cpe:2.3:a:runcms:runcms:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:runcms:runcms:1.1a:*:*:*:*:*:*:*
    • (no CPE)range: <=1.2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.