2 matches found
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Interact Learning Community Environment Interact 2.4.1, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 CONFIGLANGUAGECPATH parameter to modules/forum/embedforum.php and the 2...
CVE-2006-4448
CVE-2006-4448 concerns PHP remote file inclusion in Interact 2.2/2.x when register_globals is on. The vulnerable vectors are (1) CONFIG[BASE_PATH] via admin/autoprompter.php and includes/common.inc.php, and (2) CONFIG[LANGUAGE_CPATH] via admin/autoprompter.php. This allows arbitrary PHP code exec...