CVE-2006-5419 in Specimen Image Database
Summary
by MITRE
PHP remote file inclusion vulnerability in client.php in University of Glasgow Specimen Image Database (SID), when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 04/25/2026
The vulnerability identified as CVE-2006-5419 represents a critical remote file inclusion flaw within the University of Glasgow Specimen Image Database (SID) system, specifically affecting the client.php component. This vulnerability emerges from the dangerous combination of improper input validation and the insecure configuration of PHP's register_globals directive, creating a pathway for remote attackers to inject and execute malicious code on the target system. The flaw manifests when the application fails to properly sanitize user-supplied input passed through the dir parameter, which is then directly incorporated into a file inclusion operation without adequate security controls.
The technical exploitation of this vulnerability relies heavily on the PHP configuration setting register_globals being enabled, a practice that was common in older PHP environments but is now considered highly dangerous and deprecated. When register_globals is active, user input parameters become automatically available as global variables within the PHP execution context, eliminating the need for explicit variable assignment and creating numerous attack vectors. In this specific case, the dir parameter in client.php accepts a URL value that gets directly processed in a file inclusion function, allowing attackers to specify external URLs that contain malicious PHP code. The vulnerability falls under CWE-88, which addresses improper neutralization of special elements used in an OS command, and more specifically aligns with CWE-94, representing insufficient control of generation of code, as the application fails to properly control code execution paths.
The operational impact of this vulnerability extends far beyond simple code execution, as it provides attackers with complete control over the affected system. Successful exploitation enables remote code execution, allowing threat actors to install backdoors, exfiltrate sensitive data, or compromise the entire server infrastructure. The University of Glasgow Specimen Image Database, which likely contains valuable biological specimen data and associated metadata, becomes vulnerable to unauthorized access and potential data breaches. This vulnerability also demonstrates poor security practices in input validation and secure coding principles, as the application should have implemented proper sanitization and validation of all user inputs before processing them in file inclusion operations. The attack vector represents a classic example of how legacy PHP configurations can create exploitable conditions, aligning with ATT&CK technique T1190 for exploitation of remote services and T1059 for command and scripting interpreter usage.
Mitigation strategies for CVE-2006-5419 require immediate remediation of the underlying configuration issues and code-level protections. The primary fix involves disabling the register_globals directive in PHP configuration, which should be accomplished by setting register_globals = Off in the php.ini file or through appropriate server configuration directives. Additionally, the application code must be modified to implement proper input validation and sanitization for all user-supplied parameters, particularly those used in file inclusion operations. This includes implementing strict parameter validation, using allowlists for acceptable input values, and employing proper path validation to prevent directory traversal attacks. The system should also implement proper input filtering using functions like filter_var() and ensure that all file inclusion operations use absolute paths rather than user-controllable variables. Organizations should also consider implementing web application firewalls and runtime application self-protection mechanisms to detect and prevent such exploitation attempts. The remediation process should include thorough code review and security testing to identify similar vulnerabilities throughout the application codebase, as this represents a systemic security issue that may affect other components of the system.