CVE-2006-4189

Name: CVE-2006-4189
Creator: NVD / NIST
Published: 2006-08-17T01:04:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 3.80%

Last modified Jun 16, 2026

CVE-2006-4189 is a vulnerability of currently unknown severity. Multiple PHP remote file inclusion vulnerabilities in Dolphin 5.1 allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) index.php, (2) aemodule.php, (3) browse.php, (4) cc.php, (5) click.php, (6) faq.php, (7) gallery.php, (8) im.php, (9) inbox.php, (10) join_form.php, (11) logout.php, (12) messages_inbox.php, and many other scripts.. EPSS estimates a 3.80% chance of exploitation in the next 30 days.

Description

Multiple PHP remote file inclusion vulnerabilities in Dolphin 5.1 allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) index.php, (2) aemodule.php, (3) browse.php, (4) cc.php, (5) click.php, (6) faq.php, (7) gallery.php, (8) im.php, (9) inbox.php, (10) join_form.php, (11) logout.php, (12) messages_inbox.php, and many other scripts.

Metrics

EPSS Probability

3.80%

88.7th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Boonex	Dolphin	5.1

References

http://secunia.com/advisories/21535Vendor Advisory
http://securitytracker.com/id?1016692Exploit
http://www.osvdb.org/28473Exploit
http://www.osvdb.org/28474Exploit
http://www.osvdb.org/28478Exploit
http://www.osvdb.org/28479Exploit
http://www.osvdb.org/28485Exploit
http://www.osvdb.org/28492Exploit
http://www.osvdb.org/28493Exploit
http://www.osvdb.org/28496Exploit
http://www.osvdb.org/28498Exploit
http://www.osvdb.org/28499Exploit
http://www.osvdb.org/28500Exploit
http://www.osvdb.org/28501Exploit
http://www.osvdb.org/28502Exploit
http://www.osvdb.org/28503Exploit
http://www.osvdb.org/28504Exploit
http://www.osvdb.org/28505Exploit
http://www.osvdb.org/28506Exploit
http://www.osvdb.org/28507Exploit
http://www.osvdb.org/28508Exploit
http://www.osvdb.org/28509Exploit
http://www.osvdb.org/28510Exploit
http://www.osvdb.org/28511Exploit
http://www.osvdb.org/28512Exploit
http://www.osvdb.org/28513Exploit
http://www.osvdb.org/28514Exploit
http://www.osvdb.org/28515Exploit
http://www.osvdb.org/28516Exploit
http://www.osvdb.org/28517Exploit
http://www.osvdb.org/28519Exploit
http://www.osvdb.org/28520Exploit
http://www.osvdb.org/28521Exploit
http://www.osvdb.org/28522Exploit
http://www.osvdb.org/28523Exploit
http://www.osvdb.org/28524Exploit
http://www.osvdb.org/28525Exploit
http://www.osvdb.org/28526Exploit
http://www.osvdb.org/28527Exploit
http://www.osvdb.org/28528Exploit
http://www.osvdb.org/28529Exploit
http://www.osvdb.org/28530Exploit
http://www.securityfocus.com/bid/21182
http://www.vupen.com/english/advisories/2006/3346
https://exchange.xforce.ibmcloud.com/vulnerabilities/28363
http://secunia.com/advisories/21535Vendor Advisory
http://securitytracker.com/id?1016692Exploit
http://www.osvdb.org/28473Exploit
http://www.osvdb.org/28474Exploit
http://www.osvdb.org/28478Exploit
http://www.osvdb.org/28479Exploit
http://www.osvdb.org/28485Exploit
http://www.osvdb.org/28492Exploit
http://www.osvdb.org/28493Exploit
http://www.osvdb.org/28496Exploit
http://www.osvdb.org/28498Exploit
http://www.osvdb.org/28499Exploit
http://www.osvdb.org/28500Exploit
http://www.osvdb.org/28501Exploit
http://www.osvdb.org/28502Exploit
http://www.osvdb.org/28503Exploit
http://www.osvdb.org/28504Exploit
http://www.osvdb.org/28505Exploit
http://www.osvdb.org/28506Exploit
http://www.osvdb.org/28507Exploit
http://www.osvdb.org/28508Exploit
http://www.osvdb.org/28509Exploit
http://www.osvdb.org/28510Exploit
http://www.osvdb.org/28511Exploit
http://www.osvdb.org/28512Exploit
http://www.osvdb.org/28513Exploit
http://www.osvdb.org/28514Exploit
http://www.osvdb.org/28515Exploit
http://www.osvdb.org/28516Exploit
http://www.osvdb.org/28517Exploit
http://www.osvdb.org/28519Exploit
http://www.osvdb.org/28520Exploit
http://www.osvdb.org/28521Exploit
http://www.osvdb.org/28522Exploit
http://www.osvdb.org/28523Exploit
http://www.osvdb.org/28524Exploit
http://www.osvdb.org/28525Exploit
http://www.osvdb.org/28526Exploit
http://www.osvdb.org/28527Exploit
http://www.osvdb.org/28528Exploit
http://www.osvdb.org/28529Exploit
http://www.osvdb.org/28530Exploit
http://www.securityfocus.com/bid/21182
http://www.vupen.com/english/advisories/2006/3346
https://exchange.xforce.ibmcloud.com/vulnerabilities/28363

Timeline

Published: Aug 17, 2006
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2006-4189?

How severe is CVE-2006-4189?

Severity scoring for CVE-2006-4189 is pending analysis. The EPSS model estimates a 3.80% probability of exploitation in the next 30 days.

How do I fix CVE-2006-4189?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-4189?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST