3 matches found
CVE-2006-4559
CVE-2006-4559 describes multiple PHP remote file inclusion vulnerabilities in Yet Another Community System (YACS) CMS 6.6.1 and earlier. The flaw allows remote attackers to execute arbitrary PHP code by supplying a URL in the context[path_to_root] parameter to several PHP endpoints, including art...
CVE-2006-4532
PHP remote file inclusion vulnerability in articles/article.php in Yet Another Community System YACS CMS 6.6.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the contextpathtoroot parameter...
CVE-2006-4532
Affected software: Yet Another Community System (YACS) CMS, version 6.6.1 and earlier. Vulnerability: PHP remote file inclusion in articles/article.php, where an attacker can supply a URL via context[path_to_root] to execute arbitrary PHP code. Impact: Arbitrary code execution with the same privi...