This page aggregates publicly disclosed CVE and security risk information related to aroundme, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2009-4264 | PHP remote file inclusion vulnerability in components/core/connect.php in AROUNDMe 1.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the language_path parameter. | [email protected] | 6.8 | 2.49% | 2009-12-10 | 2026-04-23 |
| CVE-2006-5533 | Multiple PHP remote file inclusion vulnerabilities in AROUNDMe 0.6.9, and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the templatePath parameter in template/barnraiser_01/pol_view.tpl.php and other unspecified PHP scripts, a different vector than CVE-2006-5401. | [email protected] | 5.1 | 1.56% | 2006-10-26 | 2026-04-23 |
| CVE-2006-5401 | PHP remote file inclusion vulnerability in template/barnraiser_01/p_new_password.tpl.php in AROUNDMe 0.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the templatePath parameter. | [email protected] | 7.5 | 9.38% | 2006-10-18 | 2026-04-23 |