CVE-2006-4589

PHP remote file inclusion vulnerability in 0_admin/modules/Wochenkarte/frontend/index.php in DynCMS 6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the x_admindir parameter.

Date published : 2006-09-06

http://www.securityfocus.com/bid/19846

http://www.securityfocus.com/archive/1/445264/100/0/threaded