CVE-2006-5625

2006-10-31T20:07:00
ID CVE-2006-5625
Type cve
Reporter cve@mitre.org
Modified 2017-10-19T01:29:00

Description

PHP remote file inclusion vulnerability in wwwdev/nxheader.inc.php in N/X 2002 Professional Edition Web Content Management System (WCMS) 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the c[path] parameter. Successful exploitation requires that "register_globals" is enabled.