Unrated severityNVD Advisory· Published Feb 24, 2007· Updated Jun 16, 2026

CVE-2006-7052

Description

Multiple PHP remote file inclusion vulnerabilities in DotWidget For Articles (dotwidgeta) 0.2 allow remote attackers to execute arbitrary code via a URL in the (1) file_path parameter to (a) index.php, (b) showcatpicks.php, and (c) showarticle.php; and the (2) admin_header_file and (3) admin_footer_file parameters to (d) admin/authors.php, (e) admin/index.php, (f) admin/categories.php, (g) admin/editconfig.php, and (h) admin/articles.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Keith Reichley/Dotwidget For Articles
cpe:2.3:a:keith_reichley:dotwidget_for_articles:0.2:*:*:*:*:*:*:*
DotWidget For Articles/DotWidget For Articlesllm-create
Range: =0.2

Patches

Vulnerability mechanics

References

www.securityfocus.com/archive/1/437483nvdExploit
www.securityfocus.com/bid/18479nvdExploit
securityreason.com/securityalert/2308nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27327nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000