Unrated severityNVD Advisory· Published Sep 9, 2006· Updated Jun 16, 2026
CVE-2006-4670
CVE-2006-4670
Description
Multiple PHP remote file inclusion vulnerabilities in PhotoKorn Gallery 1.52 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the dir_path parameter in (1) includes/cart.inc.php or (2) extras/ext_cats.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:gtasoft:photokorn_gallery:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:gtasoft:photokorn_gallery:*:*:*:*:*:*:*:*range: <=1.52
- (no CPE)range: <=1.52
Patches
Vulnerability mechanics
References
9- secunia.com/advisories/21796nvdVendor Advisory
- archives.neohapsis.com/archives/bugtraq/2006-09/0119.htmlnvd
- www.osvdb.org/28601nvd
- www.osvdb.org/28602nvd
- www.securityfocus.com/archive/1/445582/100/0/threadednvd
- www.securityfocus.com/bid/19914nvd
- www.vupen.com/english/advisories/2006/3520nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/28811nvd
- www.exploit-db.com/exploits/2327nvd
News mentions
0No linked articles in our index yet.