PHP Remote File Inclusion Vulnerability in Les Visiteurs by J-Pierre DEZELUS
CVE-2006-5678

9.8CRITICAL

Key Information:

Vendor: J-pierre Dezelus
Status: Les Visiteurs; PHPmyconferences
Vendor: CVE Published:; 3 November 2006

🔔 Create J-pierre Dezelus Vulnerability Alert

What is CVE-2006-5678?

A PHP remote file inclusion vulnerability exists in the library.inc.php file of Les Visiteurs 2.0.1, which is integrated into phpMyConferences 8.0.2 among others. This flaw permits remote attackers to execute arbitrary PHP code through the manipulation of the lvc_modules_dir parameter. It is noteworthy that this inclusion happens in a function that is not invoked during straightforward requests to library.inc.php, which raises discussions regarding the actual exploitability of this vulnerability.