VYPR
Unrated severityNVD Advisory· Published Apr 25, 2006· Updated Jun 16, 2026

CVE-2006-2005

CVE-2006-2005

Description

Eval injection vulnerability in index.php in ClanSys 1.1 allows remote attackers to execute arbitrary PHP code via PHP code in the page parameter, as demonstrated by using an "include" statement that is injected into the eval statement. NOTE: this issue has been described as file inclusion by some sources, but that is just one attack; the primary vulnerability is eval injection.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Clansys/Clansys2 versions
    cpe:2.3:a:clansys:clansys:1.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:clansys:clansys:1.1:*:*:*:*:*:*:*
    • (no CPE)range: = 1.1

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.