Unrated severityNVD Advisory· Published Oct 3, 2006· Updated Apr 23, 2026

CVE-2006-5101

Description

PHP remote file inclusion vulnerability in include.php in Comdev CSV Importer 3.1 and possibly 4.1, as used in (1) Comdev Contact Form 3.1, (2) Comdev Customer Helpdesk 3.1, (3) Comdev Events Calendar 3.1, (4) Comdev FAQ Support 3.1, (5) Comdev Guestbook 3.1, (6) Comdev Links Directory 3.1, (7) Comdev News Publisher 3.1, (8) Comdev Newsletter 3.1, (9) Comdev Photo Gallery 3.1, (10) Comdev Vote Caster 3.1, (11) Comdev Web Blogger 3.1, and (12) Comdev eCommerce 3.1, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: it has been reported that 4.1 versions might also be affected.

Affected products

Comdev/Comdev Csv Importer2 versions
cpe:2.3:a:comdev:comdev_csv_importer:3.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:comdev:comdev_csv_importer:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:comdev:comdev_csv_importer:4.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/22133nvdVendor Advisory
secunia.com/advisories/22134nvdVendor Advisory
secunia.com/advisories/22135nvdVendor Advisory
secunia.com/advisories/22147nvdVendor Advisory
secunia.com/advisories/22149nvdVendor Advisory
secunia.com/advisories/22151nvdVendor Advisory
secunia.com/advisories/22153nvdVendor Advisory
secunia.com/advisories/22154nvdVendor Advisory
secunia.com/advisories/22157nvdVendor Advisory
secunia.com/advisories/22168nvdVendor Advisory
secunia.com/advisories/22169nvdVendor Advisory
secunia.com/advisories/22170nvdVendor Advisory
www.vupen.com/english/advisories/2006/3804nvdVendor Advisory
www.vupen.com/english/advisories/2006/3807nvdVendor Advisory
www.vupen.com/english/advisories/2006/3808nvdVendor Advisory
www.vupen.com/english/advisories/2006/3809nvdVendor Advisory
www.vupen.com/english/advisories/2006/3813nvdVendor Advisory
www.vupen.com/english/advisories/2006/3815nvdVendor Advisory
securityreason.com/securityalert/1658nvd
www.osvdb.org/29299nvd
www.osvdb.org/29300nvd
www.osvdb.org/29301nvd
www.osvdb.org/29302nvd
www.osvdb.org/29303nvd
www.osvdb.org/29304nvd
www.osvdb.org/29305nvd
www.osvdb.org/29306nvd
www.osvdb.org/29307nvd
www.osvdb.org/29308nvd
www.osvdb.org/29309nvd
www.osvdb.org/29310nvd
www.osvdb.org/29311nvd
www.securityfocus.com/archive/1/447184/100/0/threadednvd
www.securityfocus.com/archive/1/447185/100/0/threadednvd
www.securityfocus.com/archive/1/447186/100/0/threadednvd
www.securityfocus.com/archive/1/447187/100/0/threadednvd
www.securityfocus.com/archive/1/447188/100/0/threadednvd
www.securityfocus.com/archive/1/447190/100/0/threadednvd
www.securityfocus.com/archive/1/447192/100/0/threadednvd
www.securityfocus.com/archive/1/447193/100/0/threadednvd
www.securityfocus.com/archive/1/447194/100/0/threadednvd
www.securityfocus.com/archive/1/447201/100/0/threadednvd
www.securityfocus.com/archive/1/447207/100/0/threadednvd
www.securityfocus.com/archive/1/447209/100/0/threadednvd
www.securityfocus.com/archive/1/447213/100/0/threadednvd
www.vupen.com/english/advisories/2006/3803nvd
www.vupen.com/english/advisories/2006/3805nvd
www.vupen.com/english/advisories/2006/3806nvd
www.vupen.com/english/advisories/2006/3810nvd
www.vupen.com/english/advisories/2006/3811nvd
www.vupen.com/english/advisories/2006/3812nvd
www.vupen.com/english/advisories/2006/3814nvd
exchange.xforce.ibmcloud.com/vulnerabilities/29220nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000