CVE-2006-5460

2006-10-23T13:07:00
ID CVE-2006-5460
Type cve
Reporter NVD
Modified 2008-09-05T17:12:19

Description

DISPUTED Multiple PHP remote file inclusion vulnerabilities in Hinton Design phpht Topsites allow remote attackers to execute arbitrary PHP code via a URL in the phpht_real_path parameter to (1) index.php, (2) certain other scripts in the top-level directory, and (3) certain scripts in the admin/ directory. NOTE: CVE disputes this vulnerability because $phpht_real_path is defined before use in index.php and most other files except common.php, which is already covered by CVE-2006-5458.