Unrated severityNVD Advisory· Published Dec 21, 2006· Updated Jun 16, 2026
CVE-2006-6678
CVE-2006-6678
Description
The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier does not properly verify temporary filenames when editing textarea fields, which allows attackers to execute arbitrary commands via shell metacharacters in the filename.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.