2 matches found
CVE-2006-5291
PHP remote file inclusion vulnerability in admin/includes/spaw/spawcontrol.class.php in Download-Engine 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PH...
CVE-2006-5291
The vulnerability CVE-2006-5291 affects Download-Engine 1.4.2 through a PHP remote file inclusion in admin/includes/spaw/spaw_control.class.php, exploitable via a URL in the spaw_root parameter to execute arbitrary PHP code on the server. The issue is noted as potentially in the third-party SPAW ...