|
|
CVE Reference: CVE-2006-2877 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-2877 |
|
|
Description: PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and earlier allows remote attackers to include arbitrary PHP files via the include_prefix parameter in (1) inc/dbase.php, (2) inc/config.php, (3) inc/common.php, and (4) inc/function.php. NOTE: it has been reported that the inc directory is protected by a .htaccess file, so this issue only applies in certain environments or configurations. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/26933 ST 1016224 SREASON http://securityreason.com/securityalert/1058 SAID Secunia Advisory: SA19758 OSVDB 26602 26601 26600 26599 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/436027/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/435964/100/0/threaded BID 18281 |
|
| Return to the previous page. |
