Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

Vulnerability IntelligenceCVE-2006-2059

CVE-2006-2059

UNKNOWN

action_public/search

Published Apr 26, 2006

Modified 1 years ago

Details

action_public/search.php in Invision Power Board (IPB) 2.1.x and 2.0.x before 20060425 allows remote attackers to execute arbitrary PHP code via a search with a crafted value of the lastdate parameter, which alters the behavior of a regular expression to add a "#e" (execute) modifier.

References

http://forums.invisionpower.com/index.php?showtopic=213374

http://secunia.com/advisories/19830

http://securityreason.com/securityalert/796

http://www.osvdb.org/25005

http://www.securityfocus.com/archive/1/431990/100/0/threaded

http://www.securityfocus.com/archive/1/432226/100/0/threaded

http://www.securityfocus.com/archive/1/432451/100/0/threaded

http://www.securityfocus.com/archive/1/439607/100/0/threaded

http://www.securityfocus.com/bid/17695

http://www.vupen.com/english/advisories/2006/1534

https://exchange.xforce.ibmcloud.com/vulnerabilities/26070

https://www.cve.org/CVERecord?id=CVE-2006-2059

CVSS Analysis

CVSS v2.0

5.0

Exploitability

Access Vector

NetworkAV:N

Access Complexity

LowAC:L

Authentication

NoneAu:N

Impact

Confidentiality

NoneC:N

Integrity

PartialI:P

Availability

NoneA:N

5/AV:N/AC:L/Au:N/C:N/I:P/A:N

Ecosystems

Timeline

PublishedApr 26, 2006

ModifiedAug 7, 2024

CVE-2006-2059 | Mondoo Vulnerability Intelligence