CVE-2006-5527
Affected software: Intelimen InteliEditor 1.2.x. The vulnerability is a PHP remote file inclusion in lib.editor.inc.php, exploitable via a URL in the sys_path parameter, allowing remote code execution. Root cause: unvalidated sys_path leads to inclusion of arbitrary PHP code. Impact stated by CVS...