Unrated severityNVD Advisory· Published Oct 17, 2006· Updated Jun 16, 2026

CVE-2006-5308

Description

Multiple PHP remote file inclusion vulnerabilities in Open Conference Systems (OCS) before 1.1.6 allow remote attackers to execute arbitrary PHP code via a URL in the fullpath parameter in (1) include/theme.inc.php or (2) include/footer.inc.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Open Conference Systems/Open Conference Systems
cpe:2.3:a:open_conference_systems:open_conference_systems:*:*:*:*:*:*:*:*
Range: <=1.1.5
OCS/Open Conference Systemsllm-create
Range: <1.1.6

Patches

Vulnerability mechanics

References

secunia.com/advisories/22412nvdPatchVendor Advisory
www.securityfocus.com/bid/20567nvdPatch
securitytracker.com/idnvdExploitPatch
isc.sans.org/diary.phpnvd
pkp.sfu.ca/ocs_downloadnvd
pkp.sfu.ca:8043/bugzilla/attachment.cginvd
pkp.sfu.ca:8043/bugzilla/show_bug.cginvd
www.securityfocus.com/archive/1/448548/100/0/threadednvd
www.vupen.com/english/advisories/2006/4041nvd
exchange.xforce.ibmcloud.com/vulnerabilities/29517nvd
www.exploit-db.com/exploits/2536nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000