2 matches found
Aardvark Topsites CONFIG[path] Parameter Remote File Inclusion
Aardvark Topsites PHP is installed on the remote host. It is an open source toplist management system written in PHP. The application does not sanitize user-supplied input to the 'CONFIGpath' variable in some PHP files, for example, 'lostpw.php' This allows an attacker to include arbitrary files,...
CVE-2006-2149
Aardvark Topsites PHP