Unrated severityNVD Advisory· Published Aug 17, 2006· Updated Apr 16, 2026

CVE-2006-4189

Description

Multiple PHP remote file inclusion vulnerabilities in Dolphin 5.1 allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) index.php, (2) aemodule.php, (3) browse.php, (4) cc.php, (5) click.php, (6) faq.php, (7) gallery.php, (8) im.php, (9) inbox.php, (10) join_form.php, (11) logout.php, (12) messages_inbox.php, and many other scripts.

Affected products

Boonex/Dolphin
cpe:2.3:a:boonex:dolphin:5.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securitytracker.com/idnvdExploit
www.osvdb.org/28473nvdExploit
www.osvdb.org/28474nvdExploit
www.osvdb.org/28478nvdExploit
www.osvdb.org/28479nvdExploit
www.osvdb.org/28485nvdExploit
www.osvdb.org/28492nvdExploit
www.osvdb.org/28493nvdExploit
www.osvdb.org/28496nvdExploit
www.osvdb.org/28498nvdExploit
www.osvdb.org/28499nvdExploit
www.osvdb.org/28500nvdExploit
www.osvdb.org/28501nvdExploit
www.osvdb.org/28502nvdExploit
www.osvdb.org/28503nvdExploit
www.osvdb.org/28504nvdExploit
www.osvdb.org/28505nvdExploit
www.osvdb.org/28506nvdExploit
www.osvdb.org/28507nvdExploit
www.osvdb.org/28508nvdExploit
www.osvdb.org/28509nvdExploit
www.osvdb.org/28510nvdExploit
www.osvdb.org/28511nvdExploit
www.osvdb.org/28512nvdExploit
www.osvdb.org/28513nvdExploit
www.osvdb.org/28514nvdExploit
www.osvdb.org/28515nvdExploit
www.osvdb.org/28516nvdExploit
www.osvdb.org/28517nvdExploit
www.osvdb.org/28519nvdExploit
www.osvdb.org/28520nvdExploit
www.osvdb.org/28521nvdExploit
www.osvdb.org/28522nvdExploit
www.osvdb.org/28523nvdExploit
www.osvdb.org/28524nvdExploit
www.osvdb.org/28525nvdExploit
www.osvdb.org/28526nvdExploit
www.osvdb.org/28527nvdExploit
www.osvdb.org/28528nvdExploit
www.osvdb.org/28529nvdExploit
www.osvdb.org/28530nvdExploit
secunia.com/advisories/21535nvdVendor Advisory
www.securityfocus.com/bid/21182nvd
www.vupen.com/english/advisories/2006/3346nvd
exchange.xforce.ibmcloud.com/vulnerabilities/28363nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000