CVE-2006-0786

EPSS 3.38% · P88 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-0786

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Incomplete blacklist vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier, with allow_url_fopen enabled, allows remote attackers to conduct PHP remote file include attacks via a path parameter that specifies a (1) UNC share or (2) ftps URL, which bypasses the check for "http://", "ftp://", and "https://" URLs.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

PHPKit UNC路径远程文件包含漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

PHPKIT是一套基于Web的内容管理系统（CMS）。该系统提供论坛、留言板等模块。 PHPKIT处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。PHPKIT的include.php没有正确验证path参数中的数据，远程攻击者可以在输入中插入UNC路径或FTPS资源，包含远程服务器上的SMB或FTP服务器的PHP脚本代码执行。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-0786

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-0786

请登录查看更多情报信息。

http://retrogod.altervista.org/phpkit_161r2_incl_xpl.htmlx_refsource_MISC
http://securityreason.com/securityalert/445third-party-advisoryx_refsource_SREASON
http://securitytracker.com/id?1015640vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/archive/1/425196/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2006-0786

Same Patch Batch · n/a · 2006-02-19 · 28 CVEs total

CVE-2006-0783		Siteframe Beaumont Page.PHP 跨站脚本攻击漏洞
CVE-2006-0779		XMB Forum ‘u2u.php’ 跨站脚本攻击漏洞
CVE-2006-0778		XMB Forum多个SQL注入漏洞
CVE-2006-0777		Teca Scripts Guestex ‘guestex.pl’ 未明漏洞
CVE-2006-0776		Teca Scripts Guestex ‘guestex.pl’跨站脚本攻击漏洞
CVE-2006-0775		BirthSys ‘show.php’多个SQL注入漏洞
CVE-2006-0774		Lawrence Osiris DB_eSession Class SQL注入漏洞
CVE-2006-0773		Hitachi Business Logic跨站脚本攻击漏洞
CVE-2006-0772		Hitachi Business Logic - Container 多个输入验证漏洞
CVE-2006-0789		Kyocera打印机默认"admin"帐号及空密码漏洞
CVE-2006-0788		Kyocera 3830打印机未授权访问漏洞
CVE-2006-0787		Wimpy MP3 Player文本文件覆盖漏洞
CVE-2006-0785		PHPKIT include.php 绝对路径遍历漏洞
CVE-2006-0784		D-Link DWL-G700AP httpd远程拒绝服务漏洞
CVE-2006-0790		Rockliffe MailSite拒绝服务漏洞
CVE-2006-0782		PerlBlog ‘weblog.pl’未明漏洞
CVE-2006-0781		PerlBlog ‘weblog.pl’目录遍历漏洞
CVE-2006-0780		PerlBlog ‘weblog.pl’跨站脚本攻击漏洞
CVE-2006-0799		Microsoft Internet Explorer 锚元素钓鱼攻击漏洞
CVE-2006-0798		Macallan Mail Solution IMAP 目录遍历漏洞

Showing top 20 of 28 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-0786

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2006-0786

I. Basic Information for CVE-2006-0786

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-0786

III. Intelligence Information for CVE-2006-0786

Same Patch Batch · n/a · 2006-02-19 · 28 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2006-0786

Leave a comment