2 matches found
CVE-2006-2608
The CVE-2006-2608 issue affects artmedic newsletter 4.1 (and possibly older versions) where enabling register_globals allows an attacker to modify arbitrary files and execute PHP code via the logfile parameter in a direct request to log.php. This redefines the $logfile variable to an attacker-con...
CVE-2006-2608
artmedic newsletter 4.1 and possibly other versions, when registerglobals is enabled, allows remote attackers to modify arbitrary files and execute arbitrary PHP code via the logfile parameter in a direct request to log.php, which causes the $logfile variable to be redefined to an...