Security Advisory

CVE-2006-5768

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-11-06 23:00:00

Last updated 2024-08-07 20:04:55

Assigner mitre

State PUBLISHED

Description

Multiple PHP remote file inclusion vulnerabilities in Cyberfolio 2.0 RC1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the av parameter to (1) msg/view.php, (2) msg/inc_message.php, (3) msg/inc_envoi.php, and (4) admin/incl_voir_compet.php.

← Browse all CVEs View on cve.org ↗