CVE-2006-4671 Information

Description

PHP remote file inclusion vulnerability in headlines.php in Fantastic News 2.1.4 and possibly earlier allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[script_path] parameter a different vector than CVE-2006-1154.

Reference

http://secunia.com/advisories/21807 http://secunia.com/advisories/23519 http://www.securityfocus.com/bid/21796 http://www.vupen.com/english/advisories/2006/3513 https://exchange.xforce.ibmcloud.com/vulnerabilities/31121 https://www.exploit-db.com/exploits/3027