CVE-2006-4452

2006-08-30T16:04:00
ID CVE-2006-4452
Type cve
Reporter cve@mitre.org
Modified 2017-10-19T01:29:00

Description

PHP remote file inclusion vulnerability in security/include/_class.security.php in Web3news 0.95 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the PHPSECURITYADMIN_PATH parameter.