CVE-2006-2256 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2006-2256

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

PHP remote file inclusion vulnerability in includes/dbal.php in EQdkp 1.3.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the eqdkp_root_path parameter.

Affected Software

Name	Vendor	Start Version	End Version
Eqdkp	Eqdkp	1.1.0 (including)	1.1.0 (including)
Eqdkp	Eqdkp	1.2.0 (including)	1.2.0 (including)
Eqdkp	Eqdkp	1.3.0 (including)	1.3.0 (including)
Eqdkp	Eqdkp	1.3_p4 (including)	1.3_p4 (including)

References

http://secunia.com/advisories/20040
http://www.osvdb.org/25339
http://www.securityfocus.com/bid/17888
http://www.vupen.com/english/advisories/2006/1693
https://exchange.xforce.ibmcloud.com/vulnerabilities/26357
https://www.exploit-db.com/exploits/1764