CVE

Id
23224  
CVE No.
CVE-2006-7120  
Status
Candidate  
Description
** DISPUTED ** PHP remote file inclusion vulnerability in lib/php/phphtmllib-2.5.4/examples/example6.php for maintain 3.0.0-RC2 allows remote attackers to execute arbitrary PHP code via a URL in the phphtmllib parameter. NOTE: this issue might be in phpHtmlLib. NOTE: CVE disputes this issue for proper installations of maintain, since $phphtmllib is set in includes.inc before being used in example6.php.  
Phase
Assigned (20070305)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
223632 23224 CVE-2006-7120 BUGTRAQ:20061015 maintain-3.0.0-RC2 - Remote File Include Vulnerabilities  View
223633 23224 CVE-2006-7120 URL:http://www.securityfocus.com/archive/1/archive/1/448780/100/0/threaded  View
223634 23224 CVE-2006-7120 BID:20560  View
223635 23224 CVE-2006-7120 URL:http://www.securityfocus.com/bid/20560  View
223636 23224 CVE-2006-7120 SREASON:2359  View
223637 23224 CVE-2006-7120 URL:http://securityreason.com/securityalert/2359  View
223638 23224 CVE-2006-7120 XF:maintain-phphtmllib-file-include(29596)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
54434 JVNDB-2007-003126 BSQ Sitestats の IP Address Lookup 機能におけるクロスサイトスクリプティングの脆弱性 BSQ Sitestas (Joomla 用のコンポーネント) の IP Address Lookup 機能には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2006-7122 23224 6.8 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-003126.html  View