CVE-2006-5627

Multiple PHP remote file inclusion vulnerabilities in QnECMS 2.5.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the adminfolderpath parameter to 1 headerscripts.php, 2 footerhome.php, and 3 footermain.php in admin/include/; 4 photogallery/headerscripts.php; and 5...