CVE

Id
22653  
CVE No.
CVE-2006-6549  
Status
Candidate  
Description
** DISPUTED ** PHP remote file inclusion vulnerability in upload.php in Rad Upload 3.02 allows remote attackers to execute arbitrary PHP code via a URL in the save_path parameter. NOTE: CVE disputes this vulnerability because save_path is originally defined as "" before use, and the nearby instructions say "SET THE SAVE PATH by editing the line below."  
Phase
Assigned (20061214)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
219381 22653 CVE-2006-6549 BUGTRAQ:20061212 Web Apps- Rad Upload Version 3.02 Remote File Include Vulnerability  View
219382 22653 CVE-2006-6549 URL:http://www.securityfocus.com/archive/1/archive/1/454175/100/0/threaded  View
219383 22653 CVE-2006-6549 SREASON:2034  View
219384 22653 CVE-2006-6549 URL:http://securityreason.com/securityalert/2034  View
219385 22653 CVE-2006-6549 XF:radupload-upload-file-include(30864)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
61353 JVNDB-2006-003619 Tucows CCS の libs/tucows/api/cartridges/crt_TUCOWS_domains/lib/domainutils.inc.php における PHP リモートファイルインクルージョンの脆弱性 Tucows Client Code Suite (CCS) の libs/tucows/api/cartridges/crt_TUCOWS_domains/lib/domainutils.inc.php には、PHP リモートファイルインクルージョンの脆弱性が存在します。 CVE-2006-6551 22653 7.5 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-003619.html  View