RSS   Vulnerabilities for 'Discloser'   RSS

2006-09-05
 
CVE-2006-4557

CWE-Other
 

 
** DISPUTED ** PHP remote file inclusion vulnerability in plugins/plugins.php in Bob Jewell Discloser 0.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the type parameter. NOTE: another researcher has stated that an attacker cannot control the type parameter. As of 20060901, CVE analysis concurs with the dispute.

 


Copyright 2024, cxsecurity.com

 

Back to Top