VYPR
Unrated severityNVD Advisory· Published May 23, 2006· Updated Jun 16, 2026

CVE-2006-2548

CVE-2006-2548

Description

Prodder before 0.5, and perlpodder before 0.5, allows remote attackers to execute arbitrary code via shell metacharacters in the URL of a podcast (url attribute of an enclosure tag, or $enc_url variable), which is executed when running wget.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • cpe:2.3:a:perlpodder:perlpodder:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:perlpodder:perlpodder:*:*:*:*:*:*:*:*range: <=0.4
    • cpe:2.3:a:perlpodder:perlpodder:0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:perlpodder:perlpodder:0.3:*:*:*:*:*:*:*
    • (no CPE)range: <0.5
  • Prodder/Prodder3 versions
    cpe:2.3:a:prodder:prodder:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:prodder:prodder:*:*:*:*:*:*:*:*range: <=0.4
    • cpe:2.3:a:prodder:prodder:0.3:*:*:*:*:*:*:*
    • (no CPE)range: <0.5

Patches

Vulnerability mechanics

References

13

News mentions

0

No linked articles in our index yet.