CVE-2006-4452

2006-08-30T12:04:00
ID CVE-2006-4452
Type cve
Reporter NVD
Modified 2017-10-18T21:29:21

Description

PHP remote file inclusion vulnerability in security/include/_class.security.php in Web3news 0.95 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the PHPSECURITYADMIN_PATH parameter.