Unrated severityNVD Advisory· Published Sep 21, 2006· Updated Jun 16, 2026
CVE-2006-4921
CVE-2006-4921
Description
PHP remote file inclusion vulnerability in Site@School (S@S) 2.4.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter to starnet/modules/include/include.php. NOTE: some of these details are obtained from third party information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:siteatschool:siteatschool:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:siteatschool:siteatschool:*:*:*:*:*:*:*:*range: <=2.4.03
- cpe:2.3:a:siteatschool:siteatschool:2.4.02:*:*:*:*:*:*:*
- (no CPE)range: <=2.4.03
Patches
Vulnerability mechanics
References
5- secunia.com/advisories/21975nvdVendor Advisory
- marc.infonvd
- securitytracker.com/idnvd
- www.osvdb.org/28941nvd
- www.vupen.com/english/advisories/2006/3664nvd
News mentions
0No linked articles in our index yet.