2 matches found
CVE-2006-3395
The CVE-2006-3395 item affects SiteBuilder-FX 3.5. The vulnerability is a remote file inclusion in the admin/top.php script, where the admindir parameter is unsafely used to include PHP code. This allows an attacker to execute arbitrary PHP code on the server, enabling potential compromise of the...
SiteBuilder-FX top.php admindir Parameter Remote File Inclusion
The remote host is running SiteBuilder-FX, a web-based design system written in PHP. The version of SiteBuilder-FX installed on the remote host fails to sanitize input to the 'admindir' parameter of the 'admin/top.php' script before using it to include PHP code. Regardless of the setting of PHP's...