2 matches found
CVE-2006-3136
Multiple PHP remote file inclusion vulnerabilities in Nucleus 3.23 allow remote attackers to execute arbitrary PHP code via a URL the DIRLIBS parameter in 1 path/action.php, and to files in path/nucleus including 2 media.php, 3 /xmlrpc/server.php, and 4 /xmlrpc/apimetaweblog.inc.php. NOTE: this i...
CVE-2006-3136
CVE-2006-3136 affects Nucleus CMS 3.23 and reports multiple PHP remote file inclusion vulnerabilities. The issue allows an attacker to trigger arbitrary PHP code execution by supplying a URL via the DIR_LIBS parameter in the affected endpoints: path/action.php and files under path/nucleus includi...