QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2006-5392

Back to search

CVE-2006-5392

Published: Oct 18, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple PHP remote file inclusion vulnerabilities in OpenDock FullCore 4.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the doc_directory parameter in (1) sw/index_sw.php; (2) cart.php, (3) lib_cart.php, (4) lib_read_cart.php, (5) lib_sys_cart.php, and (6) txt_info_cart.php in sw/lib_cart/; (7) comment.php, (8) find_comment.php, and (9) lib_comment.php in sw/lib_comment/; (10) sw/lib_find/find.php; and other unspecified PHP scripts.

VendorProductVersions

n/a

n/a

affected
n/a

References

29913
vdb-entry
x_refsource_OSVDB
29911
vdb-entry
x_refsource_OSVDB
29909
vdb-entry
x_refsource_OSVDB
29908
vdb-entry
x_refsource_OSVDB
22410
third-party-advisory
x_refsource_SECUNIA
29910
vdb-entry
x_refsource_OSVDB
29915
vdb-entry
x_refsource_OSVDB
29914
vdb-entry
x_refsource_OSVDB
2570
exploit
x_refsource_EXPLOIT-DB
29907
vdb-entry
x_refsource_OSVDB
29912
vdb-entry
x_refsource_OSVDB
ADV-2006-4052
vdb-entry
x_refsource_VUPEN
29906
vdb-entry
x_refsource_OSVDB
20573
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now