← Back to CVEs
CVE-2006-2877
N/ADescription
PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and earlier allows remote attackers to include arbitrary PHP files via the include_prefix parameter in (1) inc/dbase.php, (2) inc/config.php, (3) inc/common.php, and (4) inc/function.php. NOTE: it has been reported that the inc directory is protected by a .htaccess file, so this issue only applies in certain environments or configurations.
CVE Details
CVSS v3.1 ScoreN/A
Published6/7/2006
Last Modified4/16/2026
Sourcenvd
Honeypot Sightings0
Affected Products
sangwan_kim:bookmark4u
References
http://secunia.com/advisories/19758(cve@mitre.org)
http://securityreason.com/securityalert/1058(cve@mitre.org)
http://securitytracker.com/id?1016224(cve@mitre.org)
http://www.osvdb.org/26599(cve@mitre.org)
http://www.osvdb.org/26600(cve@mitre.org)
http://www.osvdb.org/26601(cve@mitre.org)
http://www.osvdb.org/26602(cve@mitre.org)
http://www.securityfocus.com/archive/1/435964/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/archive/1/436027/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/bid/18281(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26933(cve@mitre.org)
http://secunia.com/advisories/19758(af854a3a-2127-422b-91ae-364da2661108)
http://securityreason.com/securityalert/1058(af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1016224(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/26599(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/26600(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/26601(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/26602(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/435964/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/436027/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/18281(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26933(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.