CVE-2006-5226

PHP remote file inclusion vulnerability in moteur/moteur.php in Prologin.fr Freenews 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the chemin parameter.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2006-10-10 05:07:00.000-04
Last Modified2018-10-17 05:41:45.000-04

Vulnerable Software List

VendorProductVersions
Freenews Freenews 1.1

References

SourceLink
SREASON1704
BUGTRAQ20061008 Freenews v1.1 <= (chemin) Remote File Include Vulnerability
BID20405
XFfreenews-moteur-file-include(29395)
EXPLOIT-DB2490