CVE-2006-5634

2006-11-01T00:07:00
ID CVE-2006-5634
Type cve
Reporter cve@mitre.org
Modified 2017-10-19T01:29:00

Description

Multiple PHP remote file inclusion vulnerabilities in phpProfiles 2.1 Beta allow remote attackers to execute arbitrary PHP code via a URL in the (1) reqpath parameter to (a) body.inc.php and (b) body_blog.inc.php in users/include/; or the (2) usrinc parameter in users/include/upload_ht.inc.php. Successful exploitation requires that "register_globals" is enabled.