CVE-2005-2319 Information

Description

PHP remote file include vulnerability in Yawp library 1.0.6 and earlier as used in YaWiki and possibly other products allows remote attackers to include arbitrary files via the _Yawp[conf_path] parameter.

Reference

http://phpyawp.com/yawiki/index.php?page=ChangeLog http://secunia.com/advisories/16049 http://www.hardened-php.net/advisory-102005.php http://www.securityfocus.com/archive/1/404948 http://www.securityfocus.com/bid/14237