Required CVE Record Information
Description
PHP remote file inclusion vulnerability in index.php in MyPhotos 0.1.3b beta allows remote attackers to execute arbitrary PHP code via the includesdir parameter. NOTE: this issue is disputed by CVE on 20060927, since the includesdir is defined before being used when the product is installed according to the provided instructions
References 4 Total
- securityreason.com: 1656 third-party-advisory
- attrition.org: 20060927 MyPhotos includesdir file inclusion - CVE dispute mailing-list
- securityfocus.com: 20160 vdb-entry
- securityfocus.com: 20060923 MyPhotos<= Remote File Include Vulnerability mailing-list
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- securityreason.com: 1656 third-party-advisoryx_transferred
- attrition.org: 20060927 MyPhotos includesdir file inclusion - CVE dispute mailing-listx_transferred
- securityfocus.com: 20160 vdb-entryx_transferred
- securityfocus.com: 20060923 MyPhotos<= Remote File Include Vulnerability mailing-listx_transferred