CVE-2006-4673

2006-09-11T12:04:00
ID CVE-2006-4673
Type cve
Reporter NVD
Modified 2017-07-19T21:33:14

Description

Global variable overwrite vulnerability in maincore.php in PHP-Fusion 6.01.4 and earlier uses the extract function on the superglobals, which allows remote attackers to conduct SQL injection attacks via the _SERVER[REMOTE_ADDR] parameter to news.php.