CVE-2006-4077 Information

Feb 14, 2021 cve

Description

PHP remote file inclusion vulnerability in CheckUpload.php in Vincenzo Valvano Comet WebFileManager (CWFM) 0.9.1 and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the Language parameter.

Reference

http://secunia.com/advisories/21432 http://www.bb-pcsecurity.de/Websecurity/301/org/Cwfm-0.9.1_(Language)_Remote_File_Inclusion.htm http://www.securityfocus.com/archive/1/442714/100/0/threaded http://www.securityfocus.com/bid/19433 http://www.vupen.com/english/advisories/2006/3221 https://exchange.xforce.ibmcloud.com/vulnerabilities/28292

Share on: