Unrated severityNVD Advisory· Published Apr 12, 2006· Updated Jun 16, 2026
CVE-2006-1749
CVE-2006-1749
Description
PHP remote file inclusion vulnerability in config.php in phpListPro 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the returnpath parameter. NOTE: this issue was later reported to affect 2.01 as well.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:smartisoft:phplistpro:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:smartisoft:phplistpro:*:*:*:*:*:*:*:*range: <=2.0
- cpe:2.3:a:smartisoft:phplistpro:2.01:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
7- www.osvdb.org/24540nvdExploit
- www.securityfocus.com/bid/17448nvdExploit
- secunia.com/advisories/19625nvdVendor Advisory
- www.vupen.com/english/advisories/2006/1325nvdVendor Advisory
- www.securityfocus.com/archive/1/430614nvd
- www.securityfocus.com/archive/1/433562/100/0/threadednvd
- exchange.xforce.ibmcloud.com/vulnerabilities/25760nvd
News mentions
0No linked articles in our index yet.