2 matches found
CVE-2006-3076
CVE-2006-3076 affects PhpBlueDragon CMS 2.9.1. Affected file: software_upload/public_includes/pub_templates/vphptree/template.php. Vulnerability: remote attacker can execute arbitrary PHP code via a URL in the vsDragonRootPath parameter, enabling remote code execution. Connected documents confirm...
CVE-2006-6958
CVE-2006-6958 : Affects PhpBlueDragon CMS 2.9.1. Multiple PHP remote file inclusion vectors exist through the vsDragonRootPath parameter to includes/root_modules/ (team_admin.php, rss_admin.php, manual_admin.php, forum_admin.php). The underlying issue is improper handling of local/remote URLs in ...