CVE-2006-5615

NONE EPSS 2.09%

Oct 31, 2006

Updated Apr 23, 2026

Textpattern

Parameter	Value
Vendor	Textpattern
Public PoC	No

PHP remote file inclusion vulnerability in publish.php in Textpattern 1.19, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the txpcfg[txpath] parameter.

Vulnerable Products 1

Configuration	From (including)	Up to (excluding)
Textpattern Textpattern cpe:2.3:a:textpattern:textpattern:1.19:::::::*	—	—

References 3

http://securityreason.com/securityalert/1794

cve@mitre.org

http://www.securityfocus.com/archive/1/449907/100/0/threaded

cve@mitre.org

http://www.securityfocus.com/bid/20769

cve@mitre.org

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-32986

Textpattern

5.1

CVE Details

CVE ID

CVE-2006-5615

Published Date

Oct 31, 2006

Vendor

Textpattern

Severity

NONE

Exploit Prediction (EPSS)

Probability of Exploit 2.09%

Likelihood of exploitation in next 30 days

Percentile: 84.1th percentile (higher than 84.1% of all CVEs)

Standard patching cycle

Impact

Minimal impact

Source

View Advisory

Menu

CVE-2006-5615

Vulnerable Products 1

References 3

Related Vulnerabilities

CVE-2026-32986

CVE Details

Editor's Choice

Menu

CVE-2006-5615

Vulnerable Products 1

References 3

Related Vulnerabilities

CVE-2026-32986

CVE Details

Editor's Choice

Stay informed on cybersecurity