PHP remote file inclusion vulnerability in bug.php in Leicestershire communityPortals 1.0 build 20051018 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter, a different vector than CVE-2006-5280. NOTE: CVE disputes this issue, since bug.php is not in communityPortals source distributions
References
Configurations
History
07 Nov 2023, 01:59
Type | Values Removed | Values Added |
---|---|---|
Summary | PHP remote file inclusion vulnerability in bug.php in Leicestershire communityPortals 1.0 build 20051018 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cp_root_path parameter, a different vector than CVE-2006-5280. NOTE: CVE disputes this issue, since bug.php is not in communityPortals source distributions |
Information
Published : 2007-03-07 20:19
Updated : 2024-08-07 21:15
NVD link : CVE-2006-7146
Mitre link : CVE-2006-7146
CVE.ORG link : CVE-2006-7146
JSON object : View
Products Affected
cuttlefish
- leicestershire_communityportals
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')