CVE-2006-3537 Information

Description

PHP remote file inclusion vulnerability in index.php in Randshop before 1.2 allows remote attackers to execute arbitrary PHP code via the dateiPfad parameter a different vector than CVE-2006-3375.

Reference

http://securityreason.com/securityalert/1213 http://www.securityfocus.com/archive/1/439750/100/0/threaded http://www.securityfocus.com/bid/18865 http://www.vupen.com/english/advisories/2006/2740 https://exchange.xforce.ibmcloud.com/vulnerabilities/27540 https://exchange.xforce.ibmcloud.com/vulnerabilities/27541