CVE-2006-2182 Information

Description

Multiple PHP remote file inclusion vulnerabilities in (1) eday.php (2) eshow.php or (3) forgot.php in albinator 2.0.8 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the Config_rootdir parameter.

Reference

http://pridels0.blogspot.com/2006/05/albinator-208-remote-file-inclusion.html http://secunia.com/advisories/19952 http://www.osvdb.org/25239 http://www.osvdb.org/25240 http://www.osvdb.org/25241 http://www.securityfocus.com/bid/17825 http://www.vupen.com/english/advisories/2006/1643