CVE-2006-2485

PHP remote file inclusion vulnerability in includes/class_template.php in Quezza 1.0 and earlier, and possibly 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the quezza_root_path parameter.

Date published : 2006-05-19

http://www.securityfocus.com/bid/18011

http://www.securityfocus.com/archive/1/434231/100/0/threaded