Unrated severityNVD Advisory· Published Dec 23, 2006· Updated Apr 23, 2026
CVE-2006-6710
CVE-2006-6710
Description
Multiple PHP remote file inclusion vulnerabilities in PgmReloaded 0.8.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) lang parameter to (a) index.php, the (2) CFG[libdir] and (3) CFG[localedir] parameters to (b) common.inc.php, and the CFG[localelangdir] parameter to (c) form_header.php.
Affected products
12cpe:2.3:a:matteolucarelli:pgmreloaded:*:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:matteolucarelli:pgmreloaded:*:*:*:*:*:*:*:*range: <=0.8.5
- cpe:2.3:a:matteolucarelli:pgmreloaded:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:matteolucarelli:pgmreloaded:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:matteolucarelli:pgmreloaded:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:matteolucarelli:pgmreloaded:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:matteolucarelli:pgmreloaded:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:matteolucarelli:pgmreloaded:0.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:matteolucarelli:pgmreloaded:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:matteolucarelli:pgmreloaded:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:matteolucarelli:pgmreloaded:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:matteolucarelli:pgmreloaded:0.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:matteolucarelli:pgmreloaded:0.8.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- www.securityfocus.com/bid/21696nvdExploit
- secunia.com/advisories/23480nvdVendor Advisory
- www.vupen.com/english/advisories/2006/5116nvd
- www.exploit-db.com/exploits/2971nvd
News mentions
0No linked articles in our index yet.