CVE-2006-5533 Information

Description

Multiple PHP remote file inclusion vulnerabilities in AROUNDMe 0.6.9 and possibly earlier when register_globals is enabled allow remote attackers to execute arbitrary PHP code via a URL in the templatePath parameter in template/barnraiser_01/pol_view.tpl.php and other unspecified PHP scripts a different vector than CVE-2006-5401.

Reference

http://marc.info/?l=full-disclosure&m=116154841209515&w=2 http://securityreason.com/securityalert/1786 http://securitytracker.com/id?1017106 http://www.securityfocus.com/archive/1/449476/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/29743