CVE-2006-5627

CVE-2006-5627 affects QnECMS up to version 2.5.6, where multiple PHP remote file inclusion vulnerabilities exist. An attacker can supply a URL via the adminfolderpath parameter to files under admin/include/ (headerscripts.php, footerhome.php, footermain.php) and templates/ (headerscripts.php, foo...

CVE-2006-5627

Multiple PHP remote file inclusion vulnerabilities in QnECMS 2.5.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the adminfolderpath parameter to 1 headerscripts.php, 2 footerhome.php, and 3 footermain.php in admin/include/; 4 photogallery/headerscripts.php; and 5...