VYPR
Unrated severityNVD Advisory· Published Aug 22, 2006· Updated Jun 16, 2026

CVE-2006-4283

CVE-2006-4283

Description

Multiple PHP remote file inclusion vulnerabilities in SOLMETRA SPAW Editor 1.0.6 and 1.0.7 allow remote attackers to execute arbitrary PHP code via a URL in the spaw_dir parameter in dialogs/ scripts including (1) a.php, (2) collorpicker.php, (3) img.php, (4) img_library.php, (5) table.php, or (6) td.php.

Affected products

3
  • cpe:2.3:a:solmetra:spaw_editor:1.0.6:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:solmetra:spaw_editor:1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:solmetra:spaw_editor:1.0.7:*:*:*:*:*:*:*
    • (no CPE)range: 1.0.6, 1.0.7

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.