Security Advisory
CVE-2005-1996
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
PHP remote file inclusion vulnerability in start.php in Bitrix Site Manager 4.0.x allows remote attackers to execute arbitrary PHP code via the _SERVER[DOCUMENT_ROOT] parameter.