QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2006-5380

Back to search

CVE-2006-5380

Published: Oct 18, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Remote file inclusion vulnerability in Contenido CMS allows remote attackers to execute arbitrary PHP code via a URL in the contenido_path parameter to (1) cms/dbfs.php or (2) cms/front_content.php. NOTE: CVE disputes this issue for version 4.6.15, because $contenido_path is set to a static value

VendorProductVersions

n/a

n/a

affected
n/a

References

20061013 CMS contenido Remote File Inclusion
mailing-list
x_refsource_BUGTRAQ
20061017 Contenido RFI - CVE dispute
mailing-list
x_refsource_VIM
1739
third-party-advisory
x_refsource_SREASON

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now