3 matches found
Remote file inclusion
PHP remote file inclusion vulnerability in convert/mvcwconver.php in the Virtual War VWar module for PHPNuke-Clan PNC 4.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwarroot parameter, a different vector than CVE-2006-1602. NOTE: it is possible that this...
CVE-2006-1602
PHP remote file inclusion vulnerability in includes/functionscommon.php in the VWar Account module vWarAccount in PHPNuke Clan 3.0.1 allows remote attackers to include arbitrary files via a URL in the vwarroot2 parameter. NOTE: it is possible that this issue stems from a problem in VWar itself, b...
CVE-2006-1602
CVE-2006-1602 describes a PHP remote file inclusion in includes/functions_common.php within the VWar Account module (vWar_Account) of PHPNuke Clan 3.0.1. The vulnerability allows remote attackers to include arbitrary files via a URL supplied to the vwar_root2 parameter. The issue is scoped to the...