CVE-2006-1602

Published: Apr 4, 2006Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

PHP remote file inclusion vulnerability in includes/functions_common.php in the VWar Account module (vWar_Account) in PHPNuke Clan 3.0.1 allows remote attackers to include arbitrary files via a URL in the vwar_root2 parameter. NOTE: it is possible that this issue stems from a problem in VWar itself, but this is not clear.

Affected (1)

Products: Phpnuke Clan: Phpnuke Clan

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Phpnuke Clan Phpnuke Clan	Version 3.0.1

References (12)

http://secunia.com/advisories/19501

Source: cve@mitre.org

Vendor Advisory

http://www.osvdb.org/24481

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/429615/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/17356

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/1202

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/25609

Source: cve@mitre.org

http://secunia.com/advisories/19501

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.osvdb.org/24481

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/429615/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/17356

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/1202

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/25609

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.