VYPR
Unrated severityNVD Advisory· Published Jul 24, 2006· Updated Jun 16, 2026

CVE-2006-3798

CVE-2006-3798

Description

DeluxeBB 1.07 and earlier allows remote attackers to overwrite the (1) _GET, (2) _POST, (3) _ENV, and (4) _SERVER variables via the _COOKIE (aka COOKIE) variable, which can overwrite the other variables during an extract function call, probably leading to multiple security vulnerabilities, aka "pollution of the global namespace."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Deluxebb/Deluxebb4 versions
    cpe:2.3:a:deluxebb:deluxebb:1.05:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:deluxebb:deluxebb:1.05:*:*:*:*:*:*:*
    • cpe:2.3:a:deluxebb:deluxebb:1.06:*:*:*:*:*:*:*
    • cpe:2.3:a:deluxebb:deluxebb:1.07:*:*:*:*:*:*:*
    • (no CPE)range: <=1.07

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.