CVE-2006-6801
Summary
PHP remote file inclusion vulnerability in misc.php in SH-News 0.93, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the news_cfg[path] parameter.
- MEDIUM
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
References
Advisory Timeline
- Published