|
|
CVE Reference: CVE-2006-5627 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-5627 |
|
|
Description: Multiple PHP remote file inclusion vulnerabilities in QnECMS 2.5.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the adminfolderpath parameter to (1) headerscripts.php, (2) footerhome.php, and (3) footermain.php in admin/include/; (4) photogallery/headerscripts.php; and (5) footerhome.php, (6) footermain.php, (7) headermain.php, (8) sitemapfooter.php, and (9) sitemapheader.php in templates/. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/29871 SAID Secunia Advisory: SA22623 OSVDB 30117 30118 30119 30120 30121 30122 30123 30124 30125 MISC http://advisories.echo.or.id/adv/adv53-K-159-2006.txt http://www.milw0rm.com/exploits/2681 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/452356/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/450056/100/0/threaded BID 20801 |
|
| Return to the previous page. |
