CVE-2006-2331

Exp

Multiple directory traversal vulnerabilities in PHP-Fusion 6.00.306 allow remote attackers to include and execute arbitrary local files via (1) a .. (dot dot) in the settings[locale] parameter in infusions/last_seen_users_panel/last_seen_users_panel.php, and (2) a .. (dot dot) in the localeset parameter in setup.php. NOTE: the vendor states that this issue might exist due to problems in third party local files.

Published: 2006-05-12 Last update: 2026-04-16 Assigner: [email protected] Source: [email protected]

NVD Status：Modified，CVE State: published

View at NVD, CVE.org, EUVD

Conclusion & alert: CVE-2006-2331 is rated High Exploit Risk (71.7/100): CVSS Medium severity, with high exploitation likelihood (EPSS 11.07%, 93th percentile). Core evidence: 2 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2006-2331

EDB-ID	Source	Kind	Published	Link
1760	exploit_db	edb	2006-05-07	Exploit-DB ↗
—	nvd_ref	exploit_tag		Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2006-2331

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2025-09-22	12.54%	11.07%	-1.47%
2	2025-04-14	12.25%	12.54%	+0.29%
3	2025-03-30	—	12.25%	—

Full EPSS history (10 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2006-2331

CVSS metrics for this CVE.

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
6.4	2.0	MEDIUM	`AV:N/AC:L/Au:N/C:P/I:P/A:N` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:L) Exploitation conditions are straightforward and predictable. Authentication (AU:N) No authentication is required. Confidentiality impact (C:P) Partial confidentiality impact. Integrity impact (I:P) Partial integrity impact. Availability impact (A:N) No availability impact.	10.0	4.9	[email protected]

Weakness enumeration for CVE-2006-2331

Affected software / configurations for CVE-2006-2331

Vendor	Product	Version	Raw CPE
php_fusion	php_fusion	6.00.3	cpe:2.3:a:php_fusion:php_fusion:6.00.3:::::::*
php_fusion	php_fusion	6.00.105	cpe:2.3:a:php_fusion:php_fusion:6.00.105:::::::*
php_fusion	php_fusion	6.00.106	cpe:2.3:a:php_fusion:php_fusion:6.00.106:::::::*
php_fusion	php_fusion	6.00.107	cpe:2.3:a:php_fusion:php_fusion:6.00.107:::::::*
php_fusion	php_fusion	6.00.109	cpe:2.3:a:php_fusion:php_fusion:6.00.109:::::::*
php_fusion	php_fusion	6.00.110	cpe:2.3:a:php_fusion:php_fusion:6.00.110:::::::*
php_fusion	php_fusion	6.00.204	cpe:2.3:a:php_fusion:php_fusion:6.00.204:::::::*
php_fusion	php_fusion	6.00.206	cpe:2.3:a:php_fusion:php_fusion:6.00.206:::::::*
php_fusion	php_fusion	6.00.303	cpe:2.3:a:php_fusion:php_fusion:6.00.303:::::::*
php_fusion	php_fusion	6.00.304	cpe:2.3:a:php_fusion:php_fusion:6.00.304:::::::*
php_fusion	php_fusion	6.00.306	cpe:2.3:a:php_fusion:php_fusion:6.00.306:::::::*

References for CVE-2006-2331

URL	Tags
http://secunia.com/advisories/19992	Patch
http://securityreason.com/securityalert/194
http://securityreason.com/securityalert/873
http://www.osvdb.org/25538
http://www.osvdb.org/25539
http://www.php-fusion.co.uk/news.php	Patch
http://www.php-fusion.co.uk/news.php?readmore=321	Patch
http://www.securityfocus.com/archive/1/433277/100/0/threaded
http://www.securityfocus.com/bid/17898	Exploit
http://www.vupen.com/english/advisories/2006/1735
https://exchange.xforce.ibmcloud.com/vulnerabilities/26389

cvelogic Threat Intelligence