Vulnerabilities > CVE-2006-5123 - Remote File Include vulnerability in PHProjekt Include Path
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple PHP remote file inclusion vulnerabilities in Albrecht Guenther PHProjekt 5.1.x before 5.1.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) lib_path or (2) lang_path parameter in unspecified files, related to code changes intended to fix inclusion, a different vulnerability than CVE-2002-0451, CVE-2006-4204, and CVE-2006-4609.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 |
References
- http://secunia.com/advisories/22167
- http://securityreason.com/securityalert/1672
- http://www.hardened-php.net/advisory_062006.129.html
- http://www.osvdb.org/29290
- http://www.phprojekt.com/modules.php?op=modload&name=News&file=article&sid=259
- http://www.securityfocus.com/archive/1/447360/100/0/threaded
- http://www.securityfocus.com/bid/20268
- http://www.vupen.com/english/advisories/2006/3845
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29262