CVE-2006-2256 | Vulnerability Database | Aqua Security

PHP remote file inclusion vulnerability in includes/dbal.php in EQdkp 1.3.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the eqdkp_root_path parameter.

Affected Software

Name	Vendor	Start Version	End Version
Eqdkp	Eqdkp	1.1.0 (including)	1.1.0 (including)
Eqdkp	Eqdkp	1.2.0 (including)	1.2.0 (including)
Eqdkp	Eqdkp	1.3.0 (including)	1.3.0 (including)
Eqdkp	Eqdkp	1.3_p4 (including)	1.3_p4 (including)

References

http://secunia.com/advisories/20040
http://www.osvdb.org/25339
http://www.securityfocus.com/bid/17888
http://www.vupen.com/english/advisories/2006/1693
https://exchange.xforce.ibmcloud.com/vulnerabilities/26357
https://www.exploit-db.com/exploits/1764
http://secunia.com/advisories/20040
http://www.osvdb.org/25339
http://www.securityfocus.com/bid/17888
http://www.vupen.com/english/advisories/2006/1693
https://exchange.xforce.ibmcloud.com/vulnerabilities/26357
https://www.exploit-db.com/exploits/1764

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-2256
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html