Unrated severityNVD Advisory· Published Dec 10, 2006· Updated Jun 16, 2026

CVE-2006-6417

Description

PHP remote file inclusion vulnerability in inc/CONTROL/import/import-mt.php in b2evolution 1.8.5 through 1.9 beta allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

B2evolution/B2evolutioninferred2 versions
>=1.8.5,<=1.9-beta+ 1 more
- (no CPE)range: >=1.8.5,<=1.9-beta
- (no CPE)range: <=1.9 beta

Patches

Vulnerability mechanics

References

www.securityfocus.com/bid/21332nvdExploit
secunia.com/advisories/23346nvd
securityreason.com/securityalert/2006nvd
www.securityfocus.com/archive/1/452998/100/100/threadednvd
www.vupen.com/english/advisories/2006/4938nvd
exchange.xforce.ibmcloud.com/vulnerabilities/30580nvd
tiifp.org/tarkus/advisories/b2evolution111106_01.txtnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000