Back to search
CVE-2006-4349
Published: Aug 24, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
PHP remote file inclusion vulnerability in ToendaCMS 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tcms_administer_site parameter to an unspecified script, probably index.php. NOTE: this issue has been disputed by a third party, who states that $tcms_administer_site is initialized to a constant value within index.php
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
19626
vdb-entry
x_refsource_BID
toendacms-administersite-file-include(28491)
vdb-entry
x_refsource_XF
29358
vdb-entry
x_refsource_OSVDB
20060820 ToendaCMS <= 1.0.3 -(tcms_administer_site) Remote File Include
mailing-list
x_refsource_BUGTRAQ
20060823 Re: ToendaCMS <= 1.0.3 -(tcms_administer_site) Remote File Include
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now