EUVD-2006-5085

PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS aka webnews 1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WNBASEDIR parameter...

webnews <= v1.4 (WN_BASEDIR) Remote File Inclusion Exploit

============================================================================================== webnews = v1.4 WNBASEDIR Remote File Inclusion Exploit =============================================================================================== Critical Level : Dangerous Version : v1.4...