Unrated severityNVD Advisory· Published Dec 4, 2006· Updated Apr 23, 2026

CVE-2006-6285

Description

PHP remote file inclusion vulnerability in index.php in Kai Blankenhorn Bitfolge simple and nice index file (aka snif) 1.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the externalConfig parameter. NOTE: CVE and other third parties dispute this vulnerability because $externalConfig is defined before use

Affected products

Kai Blankenhorn Bitfolge/Simple And Nice Index File
cpe:2.3:a:kai_blankenhorn_bitfolge:simple_and_nice_index_file:*:*:*:*:*:*:*:*
Range: <=1.5.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

attrition.org/pipermail/vim/2006-December/001159.htmlnvd
www.attrition.org/pipermail/vim/2006-December/001161.htmlnvd
www.securityfocus.com/bid/21378nvd
exchange.xforce.ibmcloud.com/vulnerabilities/30613nvd
www.exploit-db.com/exploits/2868nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000