Unrated severityNVD Advisory· Published Jun 5, 2006· Updated Jun 16, 2026
CVE-2006-2811
CVE-2006-2811
Description
Multiple PHP remote file inclusion vulnerabilities in Cantico Ovidentia 5.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the babInstallPath parameter in (1) index.php, (2) topman.php, (3) approb.php, (4) vacadmb.php, (5) vacadma.php, (6) vacadm.php, (7) statart.php, (8) search.php, (9) posts.php, (10) options.php, (11) login.php, (12) frchart.php, (13) flbchart.php, (14) fileman.php, (15) faq.php, (16) event.php, (17) directory.php, (18) articles.php, (19) artedit.php, (20) calday.php, and additional unspecified PHP scripts. NOTE: the utilit.php vector is already covered by CVE-2005-1964.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
26- securityreason.com/securityalert/1033nvd
- www.osvdb.org/27209nvd
- www.osvdb.org/27211nvd
- www.osvdb.org/27212nvd
- www.osvdb.org/27213nvd
- www.osvdb.org/27214nvd
- www.osvdb.org/27215nvd
- www.osvdb.org/27216nvd
- www.osvdb.org/27217nvd
- www.osvdb.org/27218nvd
- www.osvdb.org/27219nvd
- www.osvdb.org/27220nvd
- www.osvdb.org/27221nvd
- www.osvdb.org/27222nvd
- www.osvdb.org/27223nvd
- www.osvdb.org/27224nvd
- www.osvdb.org/27225nvd
- www.osvdb.org/27226nvd
- www.osvdb.org/27227nvd
- www.osvdb.org/27228nvd
- www.osvdb.org/27229nvd
- www.securityfocus.com/archive/1/435590/100/0/threadednvd
- www.securityfocus.com/archive/1/456893/100/200/threadednvd
- www.securityfocus.com/archive/1/459572/100/0/threadednvd
- www.securityfocus.com/bid/18232nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/26981nvd
News mentions
0No linked articles in our index yet.