2 matches found
CVE-2006-5255
The CVE affects gCards 1.13, where addnews.php accepts a URL in the languagefile parameter, enabling a PHP remote file inclusion that could execute arbitrary code. The root cause is the handling of languagefile in addnews.php; a note in sources mentions that languageFile is defined before use, wh...
PT-2006-5990 · Gcards · Gcards
Name of the Vulnerable Software and Affected Versions: gCards version 1.13 Description: A remote file inclusion issue exists, allowing remote attackers to execute arbitrary PHP code. This is achieved via a URL in the languagefile parameter in the addnews.php file. However, it has been observed th...