CVE

Id
22530  
CVE No.
CVE-2006-6426  
Status
Candidate  
Description
PHP remote file inclusion vulnerability in design/thinkedit/render.php in ThinkEdit 1.9.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the template_file parameter.  
Phase
Assigned (20061209)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
217605 22530 CVE-2006-6426 MILW0RM:2898  View
217606 22530 CVE-2006-6426 URL:http://milw0rm.com/exploits/2898  View
217607 22530 CVE-2006-6426 CONFIRM:http://svn.berlios.de/viewcvs/thinkedit/trunk/design/thinkedit/render.php?rev=321&r1=230&r2=321  View
217608 22530 CVE-2006-6426 VUPEN:ADV-2006-4906  View
217609 22530 CVE-2006-6426 URL:http://www.vupen.com/english/advisories/2006/4906  View
217610 22530 CVE-2006-6426 SECTRACK:1017359  View
217611 22530 CVE-2006-6426 URL:http://securitytracker.com/id?1017359  View
217612 22530 CVE-2006-6426 SECUNIA:23279  View
217613 22530 CVE-2006-6426 URL:http://secunia.com/advisories/23279  View
217614 22530 CVE-2006-6426 XF:thinkedit-render-file-include(30772)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
61310 JVNDB-2006-003576 Xerox WorkCentre などにおけるアクセス権を取得される脆弱性 Xerox WorkCentre および WorkCentre Pro は、"ブラウザパーミッション" に関する処理に不備があるため、アクセス権を取得される脆弱性が存在します。 CVE-2006-6428 22530 7.5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-003576.html  View