Unrated severityNVD Advisory· Published Oct 3, 2006· Updated Apr 23, 2026

CVE-2006-5123

Description

Multiple PHP remote file inclusion vulnerabilities in Albrecht Guenther PHProjekt 5.1.x before 5.1.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) lib_path or (2) lang_path parameter in unspecified files, related to code changes intended to fix inclusion, a different vulnerability than CVE-2002-0451, CVE-2006-4204, and CVE-2006-4609.

Affected products

Phprojekt/Phprojekt6 versions
cpe:2.3:a:phprojekt:phprojekt:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:phprojekt:phprojekt:*:*:*:*:*:*:*:*range: <=5.1.1
- cpe:2.3:a:phprojekt:phprojekt:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:phprojekt:phprojekt:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:phprojekt:phprojekt:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:phprojekt:phprojekt:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:phprojekt:phprojekt:5.1_beta:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/22167nvdPatchVendor Advisory
www.hardened-php.net/advisory_062006.129.htmlnvdPatchVendor Advisory
www.phprojekt.com/modules.phpnvdPatch
www.securityfocus.com/bid/20268nvdPatch
securityreason.com/securityalert/1672nvd
www.osvdb.org/29290nvd
www.securityfocus.com/archive/1/447360/100/0/threadednvd
www.vupen.com/english/advisories/2006/3845nvd
exchange.xforce.ibmcloud.com/vulnerabilities/29262nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000