NuytsTech Security

CVE-2006-1545

by ·

Direct static code injection vulnerability in admin/config.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allows remote authenticated administrators to execute code by inserting the code into variables that are stored in admin/config.php.

Date published : 2006-03-30

http://www.securityfocus.com/archive/1/430674/100/0/threaded

http://www.evuln.com/vulns/112

Tags: