RSS   Vulnerabilities for 'Docmgr'   RSS

2006-02-14
 
CVE-2006-0687

CWE-Other
 

 
process.php in DocMGR 0.54.2 does not initialize the $siteModInfo variable when a direct request is made, which allows remote attackers to include arbitrary local files or possibly remote files via a modified includeModule and siteModInfo variable.

 


Copyright 2022, cxsecurity.com

 

Back to Top