Unrated severityNVD Advisory· Published Sep 11, 2006· Updated Jun 16, 2026
CVE-2006-4672
CVE-2006-4672
Description
PHP remote file inclusion vulnerability in profitCode ppalCart 2.5 EE, possibly a component of PayProCart, allows remote attackers to execute arbitrary PHP code via a URL in the (1) proMod parameter to (a) index.php, or the (2) docroot parameter to (b) index.php or (c) mainpage.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:profitcode:ppalcart:2.5_ee:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:profitcode:ppalcart:2.5_ee:*:*:*:*:*:*:*
- (no CPE)range: = 2.5 EE
Patches
Vulnerability mechanics
References
7- www.securityfocus.com/bid/19881nvdExploit
- secunia.com/advisories/21868nvdVendor Advisory
- www.vupen.com/english/advisories/2006/3557nvdVendor Advisory
- www.securityfocus.com/archive/1/445748/100/0/threadednvd
- www.securityfocus.com/archive/1/446076/100/0/threadednvd
- exchange.xforce.ibmcloud.com/vulnerabilities/28781nvd
- www.exploit-db.com/exploits/2316nvd
News mentions
0No linked articles in our index yet.