PHP remote file inclusion vulnerability in security/include/_class.security.php in Web3news 0.95 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the PHPSECURITYADMIN_PATH parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2006-08-30T15:00:00
Updated: 2024-08-07T19:14:46.629Z
Reserved: 2006-08-30T00:00:00
Link: CVE-2006-4452
Vulnrichment
No data.
NVD
Status : Modified
Published: 2006-08-30T16:04:00.000
Modified: 2024-11-21T00:15:58.920
Link: CVE-2006-4452
Redhat
No data.