Search

Find a vulnerability

Search criteria

    4 vulnerabilities by squery

    CVE-2006-1688 (GCVE-0-2006-1688)

    Vulnerability from nvd – Published: 2006-04-10 23:00 – Updated: 2024-08-07 17:19
    VLAI
    Summary
    Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allow remote attackers to execute arbitrary PHP code via a URL in the libpath parameter to scripts in the lib directory including (1) ase.php, (2) devi.php, (3) doom3.php, (4) et.php, (5) flashpoint.php, (6) gameSpy.php, (7) gameSpy2.php, (8) gore.php, (9) gsvari.php, (10) halo.php, (11) hlife.php, (12) hlife2.php, (13) igi2.php, (14) main.lib.php, (15) netpanzer.php, (16) old_hlife.php, (17) pkill.php, (18) q2a.php, (19) q3a.php, (20) qworld.php, (21) rene.php, (22) rvbshld.php, (23) savage.php, (24) simracer.php, (25) sof1.php, (26) sof2.php, (27) unreal.php, (28) ut2004.php, and (29) vietcong.php. NOTE: the lib/armygame.php vector is already covered by CVE-2006-1610. The provenance of most of these additional vectors is unknown, although likely from post-disclosure analysis. NOTE: this only occurs when register_globals is disabled.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/24402 vdb-entryx_refsource_OSVDB
    http://www.blogcu.com/Liz0ziM/431845/ x_refsource_MISC
    http://www.osvdb.org/24404 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24411 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2006/1284 vdb-entryx_refsource_VUPEN
    http://www.osvdb.org/24403 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24421 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24428 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24407 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24414 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24424 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24425 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24410 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24413 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/17434 vdb-entryx_refsource_BID
    http://www.osvdb.org/24412 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24406 vdb-entryx_refsource_OSVDB
    http://securityreason.com/securityalert/679 third-party-advisoryx_refsource_SREASON
    http://www.osvdb.org/24409 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/19588 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/24423 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24416 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24408 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24405 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24427 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/439874/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/430289/100… mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/24418 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/19482 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/441015/100… mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/24426 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24401 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24429 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24422 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24420 vdb-entryx_refsource_OSVDB
    http://liz0zim.no-ip.org/alp.txt x_refsource_MISC
    http://www.osvdb.org/24419 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1015884 vdb-entryx_refsource_SECTRACK
    http://www.osvdb.org/24417 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24415 vdb-entryx_refsource_OSVDB
    Date Public
    2006-04-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:19:49.444Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "24402",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24402"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.blogcu.com/Liz0ziM/431845/"
              },
              {
                "name": "24404",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24404"
              },
              {
                "name": "24411",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24411"
              },
              {
                "name": "ADV-2006-1284",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1284"
              },
              {
                "name": "24403",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24403"
              },
              {
                "name": "24421",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24421"
              },
              {
                "name": "24428",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24428"
              },
              {
                "name": "24407",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24407"
              },
              {
                "name": "24414",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24414"
              },
              {
                "name": "24424",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24424"
              },
              {
                "name": "24425",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24425"
              },
              {
                "name": "24410",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24410"
              },
              {
                "name": "24413",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24413"
              },
              {
                "name": "17434",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17434"
              },
              {
                "name": "24412",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24412"
              },
              {
                "name": "24406",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24406"
              },
              {
                "name": "679",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/679"
              },
              {
                "name": "24409",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24409"
              },
              {
                "name": "19588",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19588"
              },
              {
                "name": "24423",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24423"
              },
              {
                "name": "24416",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24416"
              },
              {
                "name": "24408",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24408"
              },
              {
                "name": "24405",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24405"
              },
              {
                "name": "24427",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24427"
              },
              {
                "name": "20060710 SQuery \u003c= 4.5(libpath) Remote File Inclusion Exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/439874/100/0/threaded"
              },
              {
                "name": "20060408 Autonomous LAN party File iNclusion",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/430289/100/0/threaded"
              },
              {
                "name": "24418",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24418"
              },
              {
                "name": "19482",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19482"
              },
              {
                "name": "20060724 SQuery v.x (devi.php) (armygame.php) Remote File Inclusion",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/441015/100/0/threaded"
              },
              {
                "name": "24426",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24426"
              },
              {
                "name": "24401",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24401"
              },
              {
                "name": "24429",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24429"
              },
              {
                "name": "24422",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24422"
              },
              {
                "name": "24420",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24420"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://liz0zim.no-ip.org/alp.txt"
              },
              {
                "name": "24419",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24419"
              },
              {
                "name": "1015884",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015884"
              },
              {
                "name": "24417",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24417"
              },
              {
                "name": "24415",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24415"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-04-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allow remote attackers to execute arbitrary PHP code via a URL in the libpath parameter to scripts in the lib directory including (1) ase.php, (2) devi.php, (3) doom3.php, (4) et.php, (5) flashpoint.php, (6) gameSpy.php, (7) gameSpy2.php, (8) gore.php, (9) gsvari.php, (10) halo.php, (11) hlife.php, (12) hlife2.php, (13) igi2.php, (14) main.lib.php, (15) netpanzer.php, (16) old_hlife.php, (17) pkill.php, (18) q2a.php, (19) q3a.php, (20) qworld.php, (21) rene.php, (22) rvbshld.php, (23) savage.php, (24) simracer.php, (25) sof1.php, (26) sof2.php, (27) unreal.php, (28) ut2004.php, and (29) vietcong.php. NOTE: the lib/armygame.php vector is already covered by CVE-2006-1610. The provenance of most of these additional vectors is unknown, although likely from post-disclosure analysis.  NOTE: this only occurs when register_globals is disabled."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "24402",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24402"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.blogcu.com/Liz0ziM/431845/"
            },
            {
              "name": "24404",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24404"
            },
            {
              "name": "24411",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24411"
            },
            {
              "name": "ADV-2006-1284",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1284"
            },
            {
              "name": "24403",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24403"
            },
            {
              "name": "24421",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24421"
            },
            {
              "name": "24428",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24428"
            },
            {
              "name": "24407",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24407"
            },
            {
              "name": "24414",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24414"
            },
            {
              "name": "24424",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24424"
            },
            {
              "name": "24425",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24425"
            },
            {
              "name": "24410",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24410"
            },
            {
              "name": "24413",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24413"
            },
            {
              "name": "17434",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17434"
            },
            {
              "name": "24412",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24412"
            },
            {
              "name": "24406",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24406"
            },
            {
              "name": "679",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/679"
            },
            {
              "name": "24409",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24409"
            },
            {
              "name": "19588",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19588"
            },
            {
              "name": "24423",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24423"
            },
            {
              "name": "24416",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24416"
            },
            {
              "name": "24408",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24408"
            },
            {
              "name": "24405",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24405"
            },
            {
              "name": "24427",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24427"
            },
            {
              "name": "20060710 SQuery \u003c= 4.5(libpath) Remote File Inclusion Exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/439874/100/0/threaded"
            },
            {
              "name": "20060408 Autonomous LAN party File iNclusion",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/430289/100/0/threaded"
            },
            {
              "name": "24418",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24418"
            },
            {
              "name": "19482",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19482"
            },
            {
              "name": "20060724 SQuery v.x (devi.php) (armygame.php) Remote File Inclusion",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/441015/100/0/threaded"
            },
            {
              "name": "24426",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24426"
            },
            {
              "name": "24401",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24401"
            },
            {
              "name": "24429",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24429"
            },
            {
              "name": "24422",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24422"
            },
            {
              "name": "24420",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24420"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://liz0zim.no-ip.org/alp.txt"
            },
            {
              "name": "24419",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24419"
            },
            {
              "name": "1015884",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015884"
            },
            {
              "name": "24417",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24417"
            },
            {
              "name": "24415",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24415"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1688",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allow remote attackers to execute arbitrary PHP code via a URL in the libpath parameter to scripts in the lib directory including (1) ase.php, (2) devi.php, (3) doom3.php, (4) et.php, (5) flashpoint.php, (6) gameSpy.php, (7) gameSpy2.php, (8) gore.php, (9) gsvari.php, (10) halo.php, (11) hlife.php, (12) hlife2.php, (13) igi2.php, (14) main.lib.php, (15) netpanzer.php, (16) old_hlife.php, (17) pkill.php, (18) q2a.php, (19) q3a.php, (20) qworld.php, (21) rene.php, (22) rvbshld.php, (23) savage.php, (24) simracer.php, (25) sof1.php, (26) sof2.php, (27) unreal.php, (28) ut2004.php, and (29) vietcong.php. NOTE: the lib/armygame.php vector is already covered by CVE-2006-1610. The provenance of most of these additional vectors is unknown, although likely from post-disclosure analysis.  NOTE: this only occurs when register_globals is disabled."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "24402",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24402"
                },
                {
                  "name": "http://www.blogcu.com/Liz0ziM/431845/",
                  "refsource": "MISC",
                  "url": "http://www.blogcu.com/Liz0ziM/431845/"
                },
                {
                  "name": "24404",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24404"
                },
                {
                  "name": "24411",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24411"
                },
                {
                  "name": "ADV-2006-1284",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1284"
                },
                {
                  "name": "24403",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24403"
                },
                {
                  "name": "24421",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24421"
                },
                {
                  "name": "24428",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24428"
                },
                {
                  "name": "24407",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24407"
                },
                {
                  "name": "24414",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24414"
                },
                {
                  "name": "24424",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24424"
                },
                {
                  "name": "24425",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24425"
                },
                {
                  "name": "24410",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24410"
                },
                {
                  "name": "24413",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24413"
                },
                {
                  "name": "17434",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17434"
                },
                {
                  "name": "24412",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24412"
                },
                {
                  "name": "24406",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24406"
                },
                {
                  "name": "679",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/679"
                },
                {
                  "name": "24409",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24409"
                },
                {
                  "name": "19588",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19588"
                },
                {
                  "name": "24423",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24423"
                },
                {
                  "name": "24416",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24416"
                },
                {
                  "name": "24408",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24408"
                },
                {
                  "name": "24405",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24405"
                },
                {
                  "name": "24427",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24427"
                },
                {
                  "name": "20060710 SQuery \u003c= 4.5(libpath) Remote File Inclusion Exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/439874/100/0/threaded"
                },
                {
                  "name": "20060408 Autonomous LAN party File iNclusion",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/430289/100/0/threaded"
                },
                {
                  "name": "24418",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24418"
                },
                {
                  "name": "19482",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19482"
                },
                {
                  "name": "20060724 SQuery v.x (devi.php) (armygame.php) Remote File Inclusion",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/441015/100/0/threaded"
                },
                {
                  "name": "24426",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24426"
                },
                {
                  "name": "24401",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24401"
                },
                {
                  "name": "24429",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24429"
                },
                {
                  "name": "24422",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24422"
                },
                {
                  "name": "24420",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24420"
                },
                {
                  "name": "http://liz0zim.no-ip.org/alp.txt",
                  "refsource": "MISC",
                  "url": "http://liz0zim.no-ip.org/alp.txt"
                },
                {
                  "name": "24419",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24419"
                },
                {
                  "name": "1015884",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015884"
                },
                {
                  "name": "24417",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24417"
                },
                {
                  "name": "24415",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24415"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1688",
        "datePublished": "2006-04-10T23:00:00.000Z",
        "dateReserved": "2006-04-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:19:49.444Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1610 (GCVE-0-2006-1610)

    Vulnerability from nvd – Published: 2006-04-04 10:00 – Updated: 2024-08-07 17:19
    VLAI
    Summary
    PHP remote file inclusion vulnerability in lib/armygame.php in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter. NOTE: this only occurs when register_globals is disabled.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/17434 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2006/1204 vdb-entryx_refsource_VUPEN
    https://www.exploit-db.com/exploits/1629 exploitx_refsource_EXPLOIT-DB
    http://secunia.com/advisories/19482 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/429611/100… mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/24400 vdb-entryx_refsource_OSVDB
    Date Public
    2006-04-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:19:48.622Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "17434",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17434"
              },
              {
                "name": "squery-file-include(25605)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25605"
              },
              {
                "name": "ADV-2006-1204",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1204"
              },
              {
                "name": "1629",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/1629"
              },
              {
                "name": "19482",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19482"
              },
              {
                "name": "20060401 SQuery \u003c= 4.5 Remote File Inclusion Exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/429611/100/0/threaded"
              },
              {
                "name": "24400",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24400"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-04-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in lib/armygame.php in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter.  NOTE: this only occurs when register_globals is disabled."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "17434",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17434"
            },
            {
              "name": "squery-file-include(25605)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25605"
            },
            {
              "name": "ADV-2006-1204",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1204"
            },
            {
              "name": "1629",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/1629"
            },
            {
              "name": "19482",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19482"
            },
            {
              "name": "20060401 SQuery \u003c= 4.5 Remote File Inclusion Exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/429611/100/0/threaded"
            },
            {
              "name": "24400",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24400"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1610",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in lib/armygame.php in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter.  NOTE: this only occurs when register_globals is disabled."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "17434",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17434"
                },
                {
                  "name": "squery-file-include(25605)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25605"
                },
                {
                  "name": "ADV-2006-1204",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1204"
                },
                {
                  "name": "1629",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/1629"
                },
                {
                  "name": "19482",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19482"
                },
                {
                  "name": "20060401 SQuery \u003c= 4.5 Remote File Inclusion Exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/429611/100/0/threaded"
                },
                {
                  "name": "24400",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24400"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1610",
        "datePublished": "2006-04-04T10:00:00.000Z",
        "dateReserved": "2006-04-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:19:48.622Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1688 (GCVE-0-2006-1688)

    Vulnerability from cvelistv5 – Published: 2006-04-10 23:00 – Updated: 2024-08-07 17:19
    VLAI
    Summary
    Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allow remote attackers to execute arbitrary PHP code via a URL in the libpath parameter to scripts in the lib directory including (1) ase.php, (2) devi.php, (3) doom3.php, (4) et.php, (5) flashpoint.php, (6) gameSpy.php, (7) gameSpy2.php, (8) gore.php, (9) gsvari.php, (10) halo.php, (11) hlife.php, (12) hlife2.php, (13) igi2.php, (14) main.lib.php, (15) netpanzer.php, (16) old_hlife.php, (17) pkill.php, (18) q2a.php, (19) q3a.php, (20) qworld.php, (21) rene.php, (22) rvbshld.php, (23) savage.php, (24) simracer.php, (25) sof1.php, (26) sof2.php, (27) unreal.php, (28) ut2004.php, and (29) vietcong.php. NOTE: the lib/armygame.php vector is already covered by CVE-2006-1610. The provenance of most of these additional vectors is unknown, although likely from post-disclosure analysis. NOTE: this only occurs when register_globals is disabled.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/24402 vdb-entryx_refsource_OSVDB
    http://www.blogcu.com/Liz0ziM/431845/ x_refsource_MISC
    http://www.osvdb.org/24404 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24411 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2006/1284 vdb-entryx_refsource_VUPEN
    http://www.osvdb.org/24403 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24421 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24428 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24407 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24414 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24424 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24425 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24410 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24413 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/17434 vdb-entryx_refsource_BID
    http://www.osvdb.org/24412 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24406 vdb-entryx_refsource_OSVDB
    http://securityreason.com/securityalert/679 third-party-advisoryx_refsource_SREASON
    http://www.osvdb.org/24409 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/19588 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/24423 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24416 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24408 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24405 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24427 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/439874/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/430289/100… mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/24418 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/19482 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/441015/100… mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/24426 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24401 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24429 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24422 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24420 vdb-entryx_refsource_OSVDB
    http://liz0zim.no-ip.org/alp.txt x_refsource_MISC
    http://www.osvdb.org/24419 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1015884 vdb-entryx_refsource_SECTRACK
    http://www.osvdb.org/24417 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/24415 vdb-entryx_refsource_OSVDB
    Date Public
    2006-04-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:19:49.444Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "24402",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24402"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.blogcu.com/Liz0ziM/431845/"
              },
              {
                "name": "24404",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24404"
              },
              {
                "name": "24411",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24411"
              },
              {
                "name": "ADV-2006-1284",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1284"
              },
              {
                "name": "24403",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24403"
              },
              {
                "name": "24421",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24421"
              },
              {
                "name": "24428",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24428"
              },
              {
                "name": "24407",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24407"
              },
              {
                "name": "24414",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24414"
              },
              {
                "name": "24424",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24424"
              },
              {
                "name": "24425",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24425"
              },
              {
                "name": "24410",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24410"
              },
              {
                "name": "24413",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24413"
              },
              {
                "name": "17434",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17434"
              },
              {
                "name": "24412",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24412"
              },
              {
                "name": "24406",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24406"
              },
              {
                "name": "679",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/679"
              },
              {
                "name": "24409",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24409"
              },
              {
                "name": "19588",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19588"
              },
              {
                "name": "24423",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24423"
              },
              {
                "name": "24416",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24416"
              },
              {
                "name": "24408",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24408"
              },
              {
                "name": "24405",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24405"
              },
              {
                "name": "24427",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24427"
              },
              {
                "name": "20060710 SQuery \u003c= 4.5(libpath) Remote File Inclusion Exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/439874/100/0/threaded"
              },
              {
                "name": "20060408 Autonomous LAN party File iNclusion",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/430289/100/0/threaded"
              },
              {
                "name": "24418",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24418"
              },
              {
                "name": "19482",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19482"
              },
              {
                "name": "20060724 SQuery v.x (devi.php) (armygame.php) Remote File Inclusion",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/441015/100/0/threaded"
              },
              {
                "name": "24426",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24426"
              },
              {
                "name": "24401",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24401"
              },
              {
                "name": "24429",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24429"
              },
              {
                "name": "24422",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24422"
              },
              {
                "name": "24420",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24420"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://liz0zim.no-ip.org/alp.txt"
              },
              {
                "name": "24419",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24419"
              },
              {
                "name": "1015884",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015884"
              },
              {
                "name": "24417",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24417"
              },
              {
                "name": "24415",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24415"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-04-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allow remote attackers to execute arbitrary PHP code via a URL in the libpath parameter to scripts in the lib directory including (1) ase.php, (2) devi.php, (3) doom3.php, (4) et.php, (5) flashpoint.php, (6) gameSpy.php, (7) gameSpy2.php, (8) gore.php, (9) gsvari.php, (10) halo.php, (11) hlife.php, (12) hlife2.php, (13) igi2.php, (14) main.lib.php, (15) netpanzer.php, (16) old_hlife.php, (17) pkill.php, (18) q2a.php, (19) q3a.php, (20) qworld.php, (21) rene.php, (22) rvbshld.php, (23) savage.php, (24) simracer.php, (25) sof1.php, (26) sof2.php, (27) unreal.php, (28) ut2004.php, and (29) vietcong.php. NOTE: the lib/armygame.php vector is already covered by CVE-2006-1610. The provenance of most of these additional vectors is unknown, although likely from post-disclosure analysis.  NOTE: this only occurs when register_globals is disabled."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "24402",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24402"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.blogcu.com/Liz0ziM/431845/"
            },
            {
              "name": "24404",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24404"
            },
            {
              "name": "24411",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24411"
            },
            {
              "name": "ADV-2006-1284",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1284"
            },
            {
              "name": "24403",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24403"
            },
            {
              "name": "24421",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24421"
            },
            {
              "name": "24428",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24428"
            },
            {
              "name": "24407",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24407"
            },
            {
              "name": "24414",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24414"
            },
            {
              "name": "24424",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24424"
            },
            {
              "name": "24425",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24425"
            },
            {
              "name": "24410",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24410"
            },
            {
              "name": "24413",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24413"
            },
            {
              "name": "17434",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17434"
            },
            {
              "name": "24412",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24412"
            },
            {
              "name": "24406",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24406"
            },
            {
              "name": "679",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/679"
            },
            {
              "name": "24409",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24409"
            },
            {
              "name": "19588",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19588"
            },
            {
              "name": "24423",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24423"
            },
            {
              "name": "24416",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24416"
            },
            {
              "name": "24408",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24408"
            },
            {
              "name": "24405",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24405"
            },
            {
              "name": "24427",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24427"
            },
            {
              "name": "20060710 SQuery \u003c= 4.5(libpath) Remote File Inclusion Exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/439874/100/0/threaded"
            },
            {
              "name": "20060408 Autonomous LAN party File iNclusion",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/430289/100/0/threaded"
            },
            {
              "name": "24418",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24418"
            },
            {
              "name": "19482",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19482"
            },
            {
              "name": "20060724 SQuery v.x (devi.php) (armygame.php) Remote File Inclusion",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/441015/100/0/threaded"
            },
            {
              "name": "24426",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24426"
            },
            {
              "name": "24401",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24401"
            },
            {
              "name": "24429",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24429"
            },
            {
              "name": "24422",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24422"
            },
            {
              "name": "24420",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24420"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://liz0zim.no-ip.org/alp.txt"
            },
            {
              "name": "24419",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24419"
            },
            {
              "name": "1015884",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015884"
            },
            {
              "name": "24417",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24417"
            },
            {
              "name": "24415",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24415"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1688",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allow remote attackers to execute arbitrary PHP code via a URL in the libpath parameter to scripts in the lib directory including (1) ase.php, (2) devi.php, (3) doom3.php, (4) et.php, (5) flashpoint.php, (6) gameSpy.php, (7) gameSpy2.php, (8) gore.php, (9) gsvari.php, (10) halo.php, (11) hlife.php, (12) hlife2.php, (13) igi2.php, (14) main.lib.php, (15) netpanzer.php, (16) old_hlife.php, (17) pkill.php, (18) q2a.php, (19) q3a.php, (20) qworld.php, (21) rene.php, (22) rvbshld.php, (23) savage.php, (24) simracer.php, (25) sof1.php, (26) sof2.php, (27) unreal.php, (28) ut2004.php, and (29) vietcong.php. NOTE: the lib/armygame.php vector is already covered by CVE-2006-1610. The provenance of most of these additional vectors is unknown, although likely from post-disclosure analysis.  NOTE: this only occurs when register_globals is disabled."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "24402",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24402"
                },
                {
                  "name": "http://www.blogcu.com/Liz0ziM/431845/",
                  "refsource": "MISC",
                  "url": "http://www.blogcu.com/Liz0ziM/431845/"
                },
                {
                  "name": "24404",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24404"
                },
                {
                  "name": "24411",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24411"
                },
                {
                  "name": "ADV-2006-1284",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1284"
                },
                {
                  "name": "24403",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24403"
                },
                {
                  "name": "24421",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24421"
                },
                {
                  "name": "24428",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24428"
                },
                {
                  "name": "24407",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24407"
                },
                {
                  "name": "24414",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24414"
                },
                {
                  "name": "24424",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24424"
                },
                {
                  "name": "24425",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24425"
                },
                {
                  "name": "24410",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24410"
                },
                {
                  "name": "24413",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24413"
                },
                {
                  "name": "17434",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17434"
                },
                {
                  "name": "24412",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24412"
                },
                {
                  "name": "24406",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24406"
                },
                {
                  "name": "679",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/679"
                },
                {
                  "name": "24409",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24409"
                },
                {
                  "name": "19588",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19588"
                },
                {
                  "name": "24423",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24423"
                },
                {
                  "name": "24416",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24416"
                },
                {
                  "name": "24408",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24408"
                },
                {
                  "name": "24405",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24405"
                },
                {
                  "name": "24427",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24427"
                },
                {
                  "name": "20060710 SQuery \u003c= 4.5(libpath) Remote File Inclusion Exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/439874/100/0/threaded"
                },
                {
                  "name": "20060408 Autonomous LAN party File iNclusion",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/430289/100/0/threaded"
                },
                {
                  "name": "24418",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24418"
                },
                {
                  "name": "19482",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19482"
                },
                {
                  "name": "20060724 SQuery v.x (devi.php) (armygame.php) Remote File Inclusion",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/441015/100/0/threaded"
                },
                {
                  "name": "24426",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24426"
                },
                {
                  "name": "24401",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24401"
                },
                {
                  "name": "24429",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24429"
                },
                {
                  "name": "24422",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24422"
                },
                {
                  "name": "24420",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24420"
                },
                {
                  "name": "http://liz0zim.no-ip.org/alp.txt",
                  "refsource": "MISC",
                  "url": "http://liz0zim.no-ip.org/alp.txt"
                },
                {
                  "name": "24419",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24419"
                },
                {
                  "name": "1015884",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015884"
                },
                {
                  "name": "24417",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24417"
                },
                {
                  "name": "24415",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24415"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1688",
        "datePublished": "2006-04-10T23:00:00.000Z",
        "dateReserved": "2006-04-10T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:19:49.444Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1610 (GCVE-0-2006-1610)

    Vulnerability from cvelistv5 – Published: 2006-04-04 10:00 – Updated: 2024-08-07 17:19
    VLAI
    Summary
    PHP remote file inclusion vulnerability in lib/armygame.php in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter. NOTE: this only occurs when register_globals is disabled.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/17434 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2006/1204 vdb-entryx_refsource_VUPEN
    https://www.exploit-db.com/exploits/1629 exploitx_refsource_EXPLOIT-DB
    http://secunia.com/advisories/19482 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/429611/100… mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/24400 vdb-entryx_refsource_OSVDB
    Date Public
    2006-04-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:19:48.622Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "17434",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17434"
              },
              {
                "name": "squery-file-include(25605)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25605"
              },
              {
                "name": "ADV-2006-1204",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1204"
              },
              {
                "name": "1629",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/1629"
              },
              {
                "name": "19482",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19482"
              },
              {
                "name": "20060401 SQuery \u003c= 4.5 Remote File Inclusion Exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/429611/100/0/threaded"
              },
              {
                "name": "24400",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/24400"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-04-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "PHP remote file inclusion vulnerability in lib/armygame.php in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter.  NOTE: this only occurs when register_globals is disabled."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "17434",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17434"
            },
            {
              "name": "squery-file-include(25605)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25605"
            },
            {
              "name": "ADV-2006-1204",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1204"
            },
            {
              "name": "1629",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/1629"
            },
            {
              "name": "19482",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19482"
            },
            {
              "name": "20060401 SQuery \u003c= 4.5 Remote File Inclusion Exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/429611/100/0/threaded"
            },
            {
              "name": "24400",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/24400"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1610",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "PHP remote file inclusion vulnerability in lib/armygame.php in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter.  NOTE: this only occurs when register_globals is disabled."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "17434",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17434"
                },
                {
                  "name": "squery-file-include(25605)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25605"
                },
                {
                  "name": "ADV-2006-1204",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1204"
                },
                {
                  "name": "1629",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/1629"
                },
                {
                  "name": "19482",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19482"
                },
                {
                  "name": "20060401 SQuery \u003c= 4.5 Remote File Inclusion Exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/429611/100/0/threaded"
                },
                {
                  "name": "24400",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/24400"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1610",
        "datePublished": "2006-04-04T10:00:00.000Z",
        "dateReserved": "2006-04-04T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:19:48.622Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }