Multiple PHP remote file inclusion vulnerabilities in Exhibit Engine (EE) 1.22, and possibly earlier, allow remote attackers to execute arbitrary PHP code via a URL in the toroot parameter to (1) fetchsettings.php or (2) fstyles.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://www.securityfocus.com/bid/20793 |
![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-09-16T19:36:27.344Z
Reserved: 2007-03-30T00:00:00Z
Link: CVE-2006-7184

No data.

Status : Deferred
Published: 2007-03-30T21:19:00.000
Modified: 2025-04-09T00:30:58.490
Link: CVE-2006-7184

No data.