Unrated severityNVD Advisory· Published Sep 7, 2006· Updated Apr 16, 2026
CVE-2006-4596
CVE-2006-4596
Description
PHP remote file inclusion in MyBace Light Skrip, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the (1) hauptverzeichniss parameter in includes/login_check.php and the (2) template_back parameter in admin/login/content/user_daten.php.
Affected products
1- cpe:2.3:a:mybace_light:mybace_light:*:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- secunia.com/advisories/21746nvdVendor Advisory
- www.bb-pcsecurity.de/Websecurity/384/org/MyBace_Light_%28hauptverzeichniss%29_Remote_File_Inclusion.htmnvd
- www.securityfocus.com/archive/1/445185/100/0/threadednvd
- www.securityfocus.com/bid/19811nvd
- www.securityfocus.com/bid/19830nvd
- www.vupen.com/english/advisories/2006/3447nvd
News mentions
0No linked articles in our index yet.