CVE-2006-6975

by Fred · 08/02/2007

** DISPUTED **

PHP remote file inclusion vulnerability in centipaid_class.php in CentiPaid 1.4.3 allows remote attackers to execute arbitrary code via a URL in the class_pwd parameter. NOTE: this issue has been disputed by CVE and multiple third parties, who state that $class_pwd is set to a static value before the relevant include statement.

Date published : 2007-02-08

http://archives.neohapsis.com/archives/bugtraq/2006-10/0472.html

http://archives.neohapsis.com/archives/bugtraq/2006-10/0494.html

CVE-2006-6975

Similar

Recent Posts

Categories

CVE-2006-6975

Share this:

Similar

Recent Posts

Categories

Tags