Unrated severityNVD Advisory· Published Sep 28, 2006· Updated Jun 16, 2026

CVE-2006-5070

Description

PHP remote file inclusion vulnerability in fsl2/objects/fs_form_links.php in faceStones Personal 2.0.42 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[fsinit][objpath] parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Facestones/Facestones
cpe:2.3:a:facestones:facestones:*:*:*:*:*:*:*:*
Range: <=personal_2.0.42
Nprotect/Personalllm-fuzzy
Range: <= 2.0.42

Patches

Vulnerability mechanics

References

secunia.com/advisories/22107nvdExploitVendor Advisory
www.osvdb.org/29178nvdExploit
www.securityfocus.com/bid/20188nvdExploit
www.vupen.com/english/advisories/2006/3771nvd
exchange.xforce.ibmcloud.com/vulnerabilities/29147nvd
www.exploit-db.com/exploits/2434nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000