CVE-2006-6710

2006-12-2301:00:00

mitre

www.cve.org

7.7 High

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.1%

JSON

Multiple PHP remote file inclusion vulnerabilities in PgmReloaded 0.8.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) lang parameter to (a) index.php, the (2) CFG[libdir] and (3) CFG[localedir] parameters to (b) common.inc.php, and the CFG[localelangdir] parameter to © form_header.php.

References

secunia.com/advisories/23480

www.securityfocus.com/bid/21696

www.vupen.com/english/advisories/2006/5116

www.exploit-db.com/exploits/2971