Vulnerabilities > CVE-2006-5776 - Unspecified vulnerability in Ariadne CMS 2.4.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple PHP remote file inclusions in Ariadne 2.4.1 allows remote attackers to execute arbitrary PHP code via the ariadne parameter in (1) ftp/loader.php and (2) lib/includes/loader.cmd.php. NOTE: this issue is disputed by CVE, since installation instructions recommend that the files be placed outside of the web document root and require the administrator to modify $ariadne in an include file
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://attrition.org/pipermail/vim/2006-November/001108.html
- http://attrition.org/pipermail/vim/2006-November/001109.html
- http://www.securityfocus.com/bid/20916
- http://securityreason.com/securityalert/1827
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30018
- http://www.securityfocus.com/archive/1/450709/100/0/threaded