SPAW Editor PHP Edition

Remote IInclude File : SPAW Editor PHP Edition upgrade version 1.2.3 to 1.2.4 Discovered By : Hasadya Raed Contact Me : RaeDatBsdMaildotCom Download Script: http://heanet.dl.sourceforge.net/sourceforge/spaw/spaw-php-123-to-124.zip B.File :imglibrary.php : include $spawroot.'class/util.class.php';...

CVE-2006-5291

PHP remote file inclusion vulnerability in admin/includes/spaw/spawcontrol.class.php in Download-Engine 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PH...