Unrated severityNVD Advisory· Published Aug 10, 2006· Updated Apr 16, 2026

CVE-2006-4055

Description

Multiple PHP remote file inclusion vulnerabilities in Olaf Noehring The Search Engine Project (TSEP) 0.942 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter to (1) include/colorswitch.php, (2) contentimages.class.php, (3) ipfunctions.php, (4) configfunctions.php, (5) printpagedetails.php, or (6) log.class.php. NOTE: the copyright.php vector is already covered by CVE-2006-3993.

Affected products

Tsep/Tsep
cpe:2.3:a:tsep:tsep:*:*:*:*:*:*:*:*
Range: <=0.942

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/19326nvdExploit
secunia.com/advisories/21291nvdVendor Advisory
securityreason.com/securityalert/1354nvd
sourceforge.net/forum/forum.phpnvd
sourceforge.net/forum/forum.phpnvd
www.securityfocus.com/archive/1/442098/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/28107nvd
www.exploit-db.com/exploits/2116nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.019
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000