CVE-2006-5124 Information

Description

Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim phpMyWebmin 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) target and (2) action parameters in window.php and possibly the (3) target parameter in home.php.

Reference

http://kernel-32.blogspot.com/2006/09/php-mywebmin-10-remote-file-include.html http://secunia.com/advisories/22178 http://www.securityfocus.com/bid/20264 http://www.vupen.com/english/advisories/2006/3846 https://exchange.xforce.ibmcloud.com/vulnerabilities/29258 https://www.exploit-db.com/exploits/2451