2 matches found
CVE-2005-1222
catforgen.php in Annuaire Netref 4.2 allows remote attackers to execute arbitrary PHP code by setting the addirect parameter to reference catforgen.php, then including the code in the mforracine parameter, which is then written to catforgen.php...
CVE-2005-1222
CVE-2005-1222 : Netref cat_for_gen.php remote PHP script injection vulnerability in Annuaire Netref 4.2. The vulnerability allows an attacker to cause arbitrary PHP code execution by supplying PHP code via ad_direct and including it through m_for_racine, which is then written into cat_for_gen.php...