CVE-2006-4993

2006-09-26T02:07:00
ID CVE-2006-4993
Type cve
Reporter cve@mitre.org
Modified 2017-10-19T01:29:00

Description

Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.4.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _AMGconfig[cfg_serverpath] parameter in (1) modules/AllMyGuests/signin.php (aka the Nuke module) and (2) AllMyGuests/signin.php (aka the standalone).