Vulnerabilities > CVE-2006-6043 - Unspecified vulnerability in Oliver
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
oliver
Summary
PHP file inclusion vulnerability in loginform-inc.php in Oliver (formerly Webshare) 1.2.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the conf[motdfile] parameter, which is accessed by the file_exists function. Successful exploitation requires that "register_globals" is enabled.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |