Security Advisory

CVE-2006-0687

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-02-15 00:00:00

Last updated 2024-08-07 16:41:29

Assigner mitre

State PUBLISHED

Description

process.php in DocMGR 0.54.2 does not initialize the $siteModInfo variable when a direct request is made, which allows remote attackers to include arbitrary local files or possibly remote files via a modified includeModule and siteModInfo variable.

← Browse all CVEs View on cve.org ↗