CVE-2006-3374 Information

Description

PHP remote file inclusion vulnerability in index.php in Randshop 1.2 and earlier including 0.9.3 allows remote attackers to execute arbitrary PHP code via a URL in the incl parameter.

Reference

http://securitytracker.com/id?1016438 http://www.securityfocus.com/archive/1/439040/100/0/threaded http://www.securityfocus.com/archive/1/439063/100/0/threaded http://www.securityfocus.com/bid/18809