Unrated severityNVD Advisory· Published Aug 21, 2006· Updated Jun 16, 2026
CVE-2006-4240
CVE-2006-4240
Description
PHP remote file inclusion vulnerability in index.php in Fusion News 3.7 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:fusionphp:fusion_news:1.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:fusionphp:fusion_news:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:fusionphp:fusion_news:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:fusionphp:fusion_news:3.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:fusionphp:fusion_news:3.7:*:*:*:*:*:*:*
- (no CPE)range: = 3.7
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.