CVE-2006-5257

PHP remote file inclusion vulnerability in modules/forum/include/config.php in Ciamos Content Management System (CMS) 0.9.6b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_cache_path parameter.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2006-10-12 06:07:00.000-04
Last Modified2017-10-18 09:29:31.000-04

Vulnerable Software List

VendorProductVersions
Ciamos Ciamos Cms 0.9.6b

References

SourceLink
BID20403
XFciamos-config-file-include(29398)
EXPLOIT-DB2489