CVE-2005-2321 Information

Description

PHP remote file inclusion vulnerability in CaLogic 1.2.2 allows remote attackers to execute arbitrary code via the CLPATH parameter to (1) cl_minical.php (2) clmcpreload.php (3) mcconfig.php or (4) mcpi-demo.php.

Reference

http://secunia.com/advisories/16090 http://www.albaniafuckgreece.org/adviso/calogic.txt http://www.calogic.de/modules/newbb/viewtopic.php?topic_id=333&forum=7 http://www.securityfocus.com/bid/14296