VYPR
Unrated severityNVD Advisory· Published Apr 11, 2006· Updated Jun 16, 2026

CVE-2006-1684

CVE-2006-1684

Description

Unspecified vulnerability in ecotwo Shopsystem 1.0-192 and earlier allows remote attackers to include arbitrary local files via (1) the lang parameter in news.php and (2) other unspecified vectors.

Affected products

2
  • cpe:2.3:a:ecotwo:shopsystem:1.0_192:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ecotwo:shopsystem:1.0_192:*:*:*:*:*:*:*
    • (no CPE)range: <=1.0-192

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.