CVE-2006-2921

2006-06-09T10:02:00
ID CVE-2006-2921
Type cve
Reporter cve@mitre.org
Modified 2017-07-20T01:31:00

Description

PHP remote file inclusion vulnerability in cmpro_header.inc.php in Clan Manager Pro (CMPRO) 1.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the (1) cm_ext_server and (2) sitepath parameters.