CVE-2006-2811

N/A Unknown
Published: June 05, 2006 Modified: April 16, 2026

Description

Multiple PHP remote file inclusion vulnerabilities in Cantico Ovidentia 5.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the babInstallPath parameter in (1) index.php, (2) topman.php, (3) approb.php, (4) vacadmb.php, (5) vacadma.php, (6) vacadm.php, (7) statart.php, (8) search.php, (9) posts.php, (10) options.php, (11) login.php, (12) frchart.php, (13) flbchart.php, (14) fileman.php, (15) faq.php, (16) event.php, (17) directory.php, (18) articles.php, (19) artedit.php, (20) calday.php, and additional unspecified PHP scripts. NOTE: the utilit.php vector is already covered by CVE-2005-1964.

References to Advisories, Solutions, and Tools

http://www.osvdb.org/27209
Source: cve@mitre.org
http://www.osvdb.org/27211
Source: cve@mitre.org
http://www.osvdb.org/27212
Source: cve@mitre.org
http://www.osvdb.org/27213
Source: cve@mitre.org
http://www.osvdb.org/27214
Source: cve@mitre.org
http://www.osvdb.org/27215
Source: cve@mitre.org
http://www.osvdb.org/27216
Source: cve@mitre.org
http://www.osvdb.org/27217
Source: cve@mitre.org
http://www.osvdb.org/27218
Source: cve@mitre.org
http://www.osvdb.org/27219
Source: cve@mitre.org
http://www.osvdb.org/27220
Source: cve@mitre.org
http://www.osvdb.org/27221
Source: cve@mitre.org
http://www.osvdb.org/27222
Source: cve@mitre.org
http://www.osvdb.org/27223
Source: cve@mitre.org
http://www.osvdb.org/27224
Source: cve@mitre.org
http://www.osvdb.org/27225
Source: cve@mitre.org
http://www.osvdb.org/27226
Source: cve@mitre.org
http://www.osvdb.org/27227
Source: cve@mitre.org
http://www.osvdb.org/27228
Source: cve@mitre.org
http://www.osvdb.org/27229
Source: cve@mitre.org
http://securityreason.com/securityalert/1033
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27209
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27211
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27212
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27213
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27214
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27215
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27216
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27217
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27218
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27219
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27220
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27221
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27222
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27223
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27224
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27225
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27226
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27227
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27228
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/27229
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/435590/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/456893/100/200/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/459572/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/18232
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/26981
Source: af854a3a-2127-422b-91ae-364da2661108

52 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
7.2%
92nd percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

cantico