CVE-2006-6426

ThinkEdit 1.9.2 and earlier is affected. The vulnerability is a PHP remote file inclusion in design/thinkedit/render.php triggered by the template_file parameter when register_globals is enabled, allowing an attacker to execute arbitrary PHP code remotely. Root cause is the insecure handling of t...