2 matches found
CVE-2006-6883
PHP remote file inclusion vulnerability in php4you.php in PHPIrcbot 0.2 allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this issue is disputed by CVE, since the dir variable is declared before being used...
CVE-2006-6883
PHPIrc bot 0.2 is affected by a remote file inclusion in php4you.php, exploitable via a URL in the dir parameter to cause arbitrary PHP code execution. The issue is documented in PT-Security PT-2006-7480 with recommendations to validate/sanitize the dir parameter and, as a temporary workaround, r...