CVE-2006-5234 Information

Description

LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks Multiple PHP remote file inclusion vulnerabilities in phpWebSite 0.10.2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPWS_SOURCE_DIR parameter in (1) init.php (2) users.php (3) Cookie.php (4) forms.php (5) Groups.php (6) ModSetting.php (7) Calendar.php (8) DateTime.php (9) core.php (10) ImgLibrary.php (11) Manager.php and (12) Template.php and (13) EZform.php. NOTE: CVE disputes this report since \PHPWS_SOURCE_DIR\ is defined as a constant not accessed as a variable.

Reference

http://securityreason.com/securityalert/1716 http://www.attrition.org/pipermail/vim/2006-October/001079.html http://www.securityfocus.com/archive/1/448098/100/0/threaded http://www.securityfocus.com/archive/1/448307/100/100/threaded http://www.securityfocus.com/bid/20412