2 matches found
CVE-2006-6801
PHP remote file inclusion vulnerability in misc.php in SH-News 0.93, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via the newscfgpath parameter...
CVE-2006-6801
The vulnerability CVE-2006-6801 affects SH-News 0.93 and is a PHP remote file inclusion when register_globals is enabled. The root cause is unsafely using news_cfg[path], allowing an attacker to inject and execute arbitrary PHP code. Impact is partial confidentiality, integrity, and availability ...