CVE-2006-6541
Animated Smiley Generator - Remote File Inclusion via Smiley Parameter
Title source: llmDescription
PHP remote file inclusion vulnerability in signer/final.php in warez distributions of Animated Smiley Generator allows remote attackers to execute arbitrary PHP code via a URL in the smiley parameter. NOTE: the vendor disputes this issue, stating that only Warez versions of Animated Smiley Generator were affected, not the developer-provided software: "Legitimately purchased applications do not allow this exploit.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/453934/100/0/threaded
Various Sources x_refsource_misc
http://www.smileygenerator.us/sales/index.php?act=viewProd&productId=8
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/2031
Third Party Advisory mailing-list
x_refsource_vim
http://www.attrition.org/pipermail/vim/2006-December/001195.html
Various Sources x_refsource_misc
http://www.smileygenerator.us/sales/index.php
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30794
Scores
EPSS
0.0128
EPSS Percentile
79.8%
Details
Status
published
Products (1)
php/animated_smiley_generator
Published
Dec 14, 2006
Tracked Since
Feb 18, 2026