← back
CVE-2006-3040

CVE-2006-3040

EPSS 1.6%
PHP remote file inclusion vulnerability in talkbox.php in Amr Talkbox allows remote attackers to execute arbitrary PHP code via a URL in the direct parameter. NOTE: this issue has been disputed by CVE, since the $direct variable is set to a static value just before the include statement
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://securityreason.com/securityalert/1105https://exchange.xforce.ibmcloud.com/vulnerabilities/27122http://www.osvdb.org/27455http://www.securityfocus.com/archive/1/436993/100/0/threadedhttp://www.securityfocus.com/archive/1/437266/100/0/threaded