Segue CMS themesettings.inc.php theme Variable Traversal Arbitrary File Execution

2006-10-20T10:48:54
ID OSVDB:30065
Type osvdb
Reporter OSVDB
Modified 2006-10-20T10:48:54

Description

Technical Description

This vulnerability is only present when the magic_quotes_gpc PHP option is 'off'.

References:

Vendor Specific News/Changelog Entry: http://sourceforge.net/forum/forum.php?forum_id=625467 Secunia Advisory ID:22582 FrSIRT Advisory: ADV-2006-4122 CVE-2006-5498