CVE-2006-4277
CVE-2006-4277 concerns multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 and earlier. The flaw allows an attacker to execute arbitrary PHP code by supplying a URL in the TNLIB_DIR parameter to include/novalib/class.novaAdmin.mysql.php or novalib/class.novaRead.mysql.php. Severi...