CVE-2006-6417

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
10/12/2006
Last modified:
09/04/2025

Description

PHP remote file inclusion vulnerability in inc/CONTROL/import/import-mt.php in b2evolution 1.8.5 through 1.9 beta allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:b2evolution:b2evolution:1.8.5:*:*:*:*:*:*:*
cpe:2.3:a:b2evolution:b2evolution:1.9:*:*:*:*:*:*:*
cpe:2.3:a:b2evolution:b2evolution:1.9_beta:*:*:*:*:*:*:*