2 matches found
CVE-2006-4678
The CVE-2006-4678 entry concerns News Evolution 3.0.3, which is vulnerable to a PHP remote file inclusion via the _NE[AbsPath] parameter in install.php and migrateNE2toNE3.php. The vulnerability is remote, requires no authentication, and can yield arbitrary PHP code execution. CVSS v2 base score ...
CVE-2006-4678
PHP remote file inclusion vulnerability in News Evolution 3.0.3 allows remote attackers to execute arbitrary PHP code via the NEAbsPath parameter in 1 install.php and 2 migrateNE2toNE3.php...