{ "schema_version": "1.4.0", "id": "GHSA-79m3-3j3h-pwcm", "modified": "2022-05-01T07:17:09Z", "published": "2022-05-01T07:17:09Z", "aliases": [ "CVE-2006-4287" ], "details": "Multiple PHP remote file inclusion vulnerabilities in NES Game and NES System c108122 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) phphtmllib parameter to (a) phphtmllib/includes.php; tag_utils/ scripts including (b) divtag_utils.php, (c) form_utils.php, (d) html_utils.php, and (e) localinc.php; and widgets/ scripts including (f) FooterNav.php, (g) HTMLPageClass.php, (h) InfoTable.php, (i) localinc.php, (j) NavTable.php, and (k) TextNav.php.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4287" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28486" }, { "type": "WEB", "url": "https://www.exploit-db.com/exploits/2226" }, { "type": "WEB", "url": "http://secunia.com/advisories/21593" }, { "type": "WEB", "url": "http://www.osvdb.org/28044" }, { "type": "WEB", "url": "http://www.osvdb.org/28045" }, { "type": "WEB", "url": "http://www.osvdb.org/28046" }, { "type": "WEB", "url": "http://www.osvdb.org/28047" }, { "type": "WEB", "url": "http://www.osvdb.org/28048" }, { "type": "WEB", "url": "http://www.osvdb.org/28049" }, { "type": "WEB", "url": "http://www.osvdb.org/28050" }, { "type": "WEB", "url": "http://www.osvdb.org/28051" }, { "type": "WEB", "url": "http://www.osvdb.org/28052" }, { "type": "WEB", "url": "http://www.osvdb.org/28053" }, { "type": "WEB", "url": "http://www.osvdb.org/28054" }, { "type": "WEB", "url": "http://www.rahim.webd.pl/exploity/Exploits/61.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/19611" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2006/3339" } ], "database_specific": { "cwe_ids": [], "severity": "HIGH", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2006-08-22T17:04:00Z" } }