CVE-2005-0632 Information

Description

PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3 allows remote attackers to execute arbitrary PHP code via the path parameter.

Reference

http://marc.info/?l=bugtraq&m=110971663824719&w=2 http://marc.info/?l=bugtraq&m=110989169008570&w=2 http://secunia.com/advisories/14449 http://securitytracker.com/id?1013345 http://www.securityfocus.com/bid/12696