3 matches found
CVE-2006-5722
Multiple PHP remote file inclusion vulnerabilities in Segue CMS 1.5.9 and earlier, when magicquotesgpc is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the theme parameter to 1 themesettings.php or 2 index.php, a different vector than CVE-2006-5497. NOTE: the provenan...
CVE-2006-5722
Summary: Segue CMS 1.5.9 and earlier exposes multiple remote file inclusion vulnerabilities. The issue stems from unsanitized input in the themesdir/theme-related include paths (themesettings.inc.php and index.php), enabling an attacker to inject arbitrary PHP code via a URL parameter. Documented...
CVE-2006-5722
Multiple PHP remote file inclusion vulnerabilities in Segue CMS 1.5.9 and earlier, when magicquotesgpc is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the theme parameter to 1 themesettings.php or 2 index.php, a different vector than CVE-2006-5497. NOTE: the provenan...