Unrated severityNVD Advisory· Published Aug 31, 2006· Updated Apr 16, 2026
CVE-2006-4489
CVE-2006-4489
Description
Multiple PHP remote file inclusion vulnerabilities in MiniBill 2006-07-14 (1.2.2) allow remote attackers to execute arbitrary PHP code via (1) a URL in the config[include_dir] parameter in actions/ipn.php or (2) an FTP path in the config[plugin_dir] parameter in include/initPlugins.php.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- www.securityfocus.com/bid/19568nvdExploit
- secunia.com/advisories/21688nvdVendor Advisory
- securitytracker.com/idnvd
- www.attrition.org/pipermail/vim/2006-November/001115.htmlnvd
- www.osvdb.org/28258nvd
- www.osvdb.org/28259nvd
- www.ultrize.com/minibill/index.phpnvd
- www.ultrize.com/minibill/index.phpnvd
- www.vupen.com/english/advisories/2006/3413nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/28625nvd
- www.exploit-db.com/exploits/2272nvd
News mentions
0No linked articles in our index yet.