ID CVE-2006-6224 Type cve Reporter cve@mitre.org Modified 2017-07-29T01:29:00
Description
PHP remote file inclusion vulnerability in the installation scripts in Puntal before 1.8.5 allows remote attackers to execute arbitrary PHP code via the GLOBALS array.
{"osvdb": [{"lastseen": "2017-04-28T13:20:26", "bulletinFamily": "software", "description": "## Solution Description\nUpgrade to version 1.8.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor URL: http://puntal.fr/\nVendor Specific News/Changelog Entry: http://www.puntal.fr/forums/viewtopic.php?id=610\nMail List Post: http://archives.neohapsis.com/archives/apps/freshmeat/2006-11/0022.html\nISS X-Force ID: 30585\nFrSIRT Advisory: ADV-2006-4767\n[CVE-2006-6224](https://vulners.com/cve/CVE-2006-6224)\nBugtraq ID: 21357\n", "modified": "2006-11-22T05:10:19", "published": "2006-11-22T05:10:19", "href": "https://vulners.com/osvdb/OSVDB:30504", "id": "OSVDB:30504", "title": "Puntal Unspecified Installation Script Issue", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}