CVE-2006-6042

2006-11-22T00:07:00
ID CVE-2006-6042
Type cve
Reporter cve@mitre.org
Modified 2018-10-17T21:46:00

Description

PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the editor_insert_bottom parameter. Successful exploitation requires that "register_globals" is enabled.