2 matches found
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in eArk e-Ark 1.0 allow remote attackers to execute arbitrary PHP code via a URL in 1 the cfgvcardpath parameter to src/vcardinc.php or 2 the cfgphpmailerpath parameter to src/emailinc.php. NOTE: the arkinc.php vector is already covered by...
CVE-2006-6086
Summary of findings: CVE-2006-6086 and related entries describe PHP remote file inclusion vulnerabilities in eArk (e-Ark) 1.0. The trusted sources show that: (1) CVE-2006-6086 affects src/ark_inc.php, allowing remote attackers to execute arbitrary PHP code via a URL in the cfg_pear_path parameter...