CVE-2006-1955

N/A Unknown

Published: April 21, 2006 Modified: April 16, 2026

Description

PHP remote file inclusion vulnerability in authent.php4 in Nicolas Fischer (aka NFec) RechnungsZentrale V2 1.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://archives.neohapsis.com/archives/bugtraq/2006-04/0384.html

Source: cve@mitre.org

http://secunia.com/advisories/19728

Source: cve@mitre.org

http://www.g-0.org/code/rz2-adv.html

Source: cve@mitre.org

Exploit URL Repurposed

http://www.osvdb.org/24753

Source: cve@mitre.org

http://www.securityfocus.com/bid/17589

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2006/1425

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/25912

Source: cve@mitre.org

https://www.exploit-db.com/exploits/1699

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2006-04/0384.html