CVE-2006-3692 Information

Feb 14, 2021 cve

Description

LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks PHP remote file inclusion vulnerability in enduser/listmessenger.php in ListMessenger 0.9.3 allows remote attackers to execute arbitrary PHP code via a URL in the lm_path parameter. NOTE: the vendor has disputed this issue to SecurityTracker stating that the $lm_path variable is set to a constant value. As of 20060726 CVE concurs with the vendor based on SecurityTracker’s post-disclosure analysis.

Reference

http://securityreason.com/securityalert/1243 http://securitytracker.com/id?1016530 http://www.attrition.org/pipermail/vim/2006-July/000946.html http://www.osvdb.org/28289 http://www.securityfocus.com/archive/1/440291/100/0/threaded http://www.securityfocus.com/bid/19014

Share on: