Vulnerabilities > Alex > Downloadengine > 1.4.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-10-16 | CVE-2006-5291 | Code Injection vulnerability in Alex Downloadengine 1.4.2 PHP remote file inclusion vulnerability in admin/includes/spaw/spaw_control.class.php in Download-Engine 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. | 7.5 |