Multiple PHP remote file inclusion vulnerabilities in Cantico Ovidentia 5.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the babInstallPath parameter in (1) index.php, (2) topman.php, (3) approb.php, (4) vacadmb.php, (5) vacadma.php, (6) vacadm.php, (7) statart.php, (8) search.php, (9) posts.php, (10) options.php, (11) login.php, (12) frchart.php, (13) flbchart.php, (14) fileman.php, (15) faq.php, (16) event.php, (17) directory.php, (18) articles.php, (19) artedit.php, (20) calday.php, and additional unspecified PHP scripts. NOTE: the utilit.php vector is already covered by CVE-2005-1964.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-06-05T17:00:00

Updated: 2024-08-07T18:06:26.664Z

Reserved: 2006-06-05T00:00:00

Link: CVE-2006-2811

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2006-06-05T17:02:00.000

Modified: 2024-11-21T00:12:08.797

Link: CVE-2006-2811

cve-icon Redhat

No data.