PHP remote file inclusion vulnerability in bug.php in Leicestershire communityPortals 1.0 build 20051018 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter, a different vector than CVE-2006-5280. NOTE: CVE disputes this issue, since bug.php is not in communityPortals source distributions
References
Configurations
History
21 Nov 2024, 00:24
Type | Values Removed | Values Added |
---|---|---|
References | () http://securityreason.com/securityalert/2387 - Exploit | |
References | () http://www.securityfocus.com/archive/1/448311/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/20467 - Exploit |
07 Nov 2023, 01:59
Type | Values Removed | Values Added |
---|---|---|
Summary | PHP remote file inclusion vulnerability in bug.php in Leicestershire communityPortals 1.0 build 20051018 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter, a different vector than CVE-2006-5280. NOTE: CVE disputes this issue, since bug.php is not in communityPortals source distributions |
Information
Published : 2007-03-07 20:19
Updated : 2024-11-21 00:24
NVD link : CVE-2006-7146
Mitre link : CVE-2006-7146
CVE.ORG link : CVE-2006-7146
JSON object : View
Products Affected
cuttlefish
- leicestershire_communityportals
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')