3 matches found
CVE-2006-3611
Directory traversal vulnerability in pm.php in Phorum 5 allows remote authenticated users to include and execute arbitrary local files via directory traversal sequences in the GLOBALStemplate parameter, as demonstrated by injecting PHP sequences into a log file, which is then included by pm.php...
CVE-2006-3611
Directory traversal vulnerability in pm.php in Phorum 5 allows remote authenticated users to include and execute arbitrary local files via directory traversal sequences in the GLOBALStemplate parameter, as demonstrated by injecting PHP sequences into a log file, which is then included by pm.php...
CVE-2006-3611
This CVE concerns Phorum 5 with a directory traversal flaw in pm.php. Remote authenticated users could cause Local File Inclusion via the GLOBALS[template] parameter, by injecting PHP sequences into a log file that pm.php later includes, enabling arbitrary local file execution. The description do...