CVE-2006-4530

2006-09-01T23:04:00
ID CVE-2006-4530
Type cve
Reporter cve@mitre.org
Modified 2018-10-17T21:37:00

Description

Direct static code injection vulnerability in include/change.php in membrepass 1.5 allows remote attackers to execute arbitrary PHP code via the aifon parameter, which is injected into include/variable.php.