CVE-2006-0502 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-0502
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-0502

Description: PHP remote file inclusion vulnerability in loginout.php in FarsiNews 2.1 Beta 2 and earlier, with register_globals enabled, allows remote attackers to include arbitrary files via a URL in the cutepath parameter.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/24419 ST 1015554 SREASON http://securityreason.com/securityalert/390 SAID Secunia Advisory: SA18637 OSVDB 22878 MISC http://www.hamid.ir/security/farsinews.txt BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/423568/100/0/threaded BID 16440

Return to the previous page.