NuytsTech Security

CVE-2006-5497

by ·

PHP remote file inclusion vulnerability in themes/program/themesettings.inc.php in Segue CMS 1.5.8 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the themesdir parameter.

Date published : 2006-10-25

http://www.securityfocus.com/bid/20640

http://sourceforge.net/forum/forum.php?forum_id=625467

Tags: