Unrated severityNVD Advisory· Published Apr 29, 2006· Updated Jun 16, 2026
CVE-2006-2098
CVE-2006-2098
Description
PHP remote file inclusion vulnerability in Thumbnail AutoIndex before 2.0 allows remote attackers to execute arbitrary PHP code via (1) README.html or (2) HEADER.html.
Affected products
9cpe:2.3:a:php_thumbnail_autoindex:php_thumbnail_autoindex:1.0:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:php_thumbnail_autoindex:php_thumbnail_autoindex:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:php_thumbnail_autoindex:php_thumbnail_autoindex:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:php_thumbnail_autoindex:php_thumbnail_autoindex:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:php_thumbnail_autoindex:php_thumbnail_autoindex:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:php_thumbnail_autoindex:php_thumbnail_autoindex:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:php_thumbnail_autoindex:php_thumbnail_autoindex:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:php_thumbnail_autoindex:php_thumbnail_autoindex:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:php_thumbnail_autoindex:php_thumbnail_autoindex:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:php_thumbnail_autoindex:php_thumbnail_autoindex:1.4:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.