CVE-2006-6975 Information
Description
LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.3 allows remote attackers to execute arbitrary code via a URL in the class_pwd parameter. NOTE: this issue has been disputed by CVE and multiple third parties who state that $class_pwd is set to a static value before the relevant include statement.
Reference
http://archives.neohapsis.com/archives/bugtraq/2006-10/0472.html http://archives.neohapsis.com/archives/bugtraq/2006-10/0494.html http://archives.neohapsis.com/archives/bugtraq/2006-10/0499.html http://www.osvdb.org/31638
Share on: