CVE-2006-5240

2006-10-12T00:07:00
ID CVE-2006-5240
Type cve
Reporter cve@mitre.org
Modified 2018-10-17T21:41:00

Description

PHP remote file inclusion vulnerability in engine/require.php in Docmint 2.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the MY_ENV[BASE_ENGINE_LOC] parameter. Successful exploitation requires that "register_globals" is enabled.