RSS   Vulnerabilities for 'Dreamaccount'   RSS

2006-12-01
 
CVE-2006-6232

CWE-Other
 

 
PHP remote file inclusion vulnerability in admin/index.php in DreamAccount 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter.

 
2006-06-07
 
CVE-2006-2881

CWE-Other
 

 
Multiple PHP remote file inclusion vulnerabilities in DreamAccount 3.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the da_path parameter in the (1) auth.cookie.inc.php, (2) auth.header.inc.php, or (3) auth.sessions.inc.php scripts.

 

 >>> Vendor: Dreamcost 2 Products
Hostadmin
Dreamaccount


Copyright 2022, cxsecurity.com

 

Back to Top