3 matches found
CVE-2006-3692
PHP remote file inclusion vulnerability in enduser/listmessenger.php in ListMessenger 0.9.3 allows remote attackers to execute arbitrary PHP code via a URL in the lmpath parameter. NOTE: the vendor has disputed this issue to SecurityTracker, stating that the $lmpath variable is set to a constant...
CVE-2006-3692
PHP remote file inclusion vulnerability in enduser/listmessenger.php in ListMessenger 0.9.3 allows remote attackers to execute arbitrary PHP code via a URL in the lmpath parameter. NOTE: the vendor has disputed this issue to SecurityTracker, stating that the $lmpath variable is set to a constant...
ListMessenger 0.9.3 - LM_Path Remote File Inclusion
ListMessenger 0.9.3 - LMPath Remote File Inclusion source: https://www.securityfocus.com/bid/19014/info ListMessenger is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to...