PHP remote file inclusion vulnerability in upload.php in Rad Upload 3.02 allows remote attackers to execute arbitrary PHP code via a URL in the save_path parameter. NOTE: CVE disputes this vulnerability because save_path is originally defined as "" before use, and the nearby instructions say "SET THE SAVE PATH by editing the line below.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-12-14T18:00:00

Updated: 2024-08-07T20:33:58.593Z

Reserved: 2006-12-14T00:00:00

Link: CVE-2006-6549

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2006-12-14T18:28:00.000

Modified: 2024-11-21T00:22:57.367

Link: CVE-2006-6549

cve-icon Redhat

No data.