2 matches found
CVE-2006-7127
Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the maindir parameter to 1 forum/main.php and 2 forum/headlines.php...
CVE-2006-4671
CVE-2006-4671 is a PHP remote file inclusion in Fantastic News 2.1.4 (and possibly earlier) that lets an attacker execute arbitrary PHP code by supplying a URL to CONFIG[script_path] in headlines.php. This is a different vector from CVE-2006-1154. Affected product/version: Fantastic News 2.1.4 (a...