Vulnerabilities > CVE-2006-2578 - Remote Security vulnerability in Esyndicat Directory 1.2
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
admin/cron.php in eSyndicat Directory 1.2, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include arbitrary files and possibly execute arbitrary PHP code via a null-terminated value in the path_to_config parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |