VYPR
Unrated severityNVD Advisory· Published May 10, 2006· Updated Jun 16, 2026

CVE-2006-2283

CVE-2006-2283

Description

Multiple PHP remote file inclusion vulnerabilities in SpiffyJr phpRaid 2.9.5 through 3.0.b3 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) auth.php and (2) auth_phpbb when the phpBB portal is enabled, and via a URL in the smf_root_path parameter in (3) auth.php and (4) auth_SMF when the SMF portal is enabled.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Spiffyjr/Phpraid5 versions
    cpe:2.3:a:spiffyjr:phpraid:2.9.5:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:spiffyjr:phpraid:2.9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:spiffyjr:phpraid:3.0.b1:*:*:*:*:*:*:*
    • cpe:2.3:a:spiffyjr:phpraid:3.0.b2:*:*:*:*:*:*:*
    • cpe:2.3:a:spiffyjr:phpraid:3.0.b3:*:*:*:*:*:*:*
    • (no CPE)range: >=2.9.5 <=3.0.b3

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.