CVE-2006-5291

by Fred · 16/10/2006

PHP remote file inclusion vulnerability in admin/includes/spaw/spaw_control.class.php in Download-Engine 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PHP Edition, so this issue is probably a duplicate of CVE-2006-4656.

Date published : 2006-10-16

http://www.securityfocus.com/bid/20500

http://www.securityfocus.com/archive/1/448450/100/0/threaded

CVE-2006-5291

Similar

Recent Posts

Categories

CVE-2006-5291

Share this:

Similar

Recent Posts

Categories

Tags