PHP Remote File Inclusion Vulnerability in Free File Hosting by Free File Hosting
CVE-2006-5764

Currently unrated

Key Information:

Vendor: Free PHP Scripts
Status: Free File Hosting
Vendor: CVE Published:; 6 November 2006

What is CVE-2006-5764?

A PHP remote file inclusion vulnerability exists in the 'contact.php' script of Free File Hosting version 1.1 and earlier. This flaw permits attackers to execute arbitrary PHP code through specially crafted URLs provided in the AD_BODY_TEMP parameter. The vulnerability was acknowledged in later reports for the 'File Upload System', indicating its broader implications. Organizations using affected versions should prioritize patching to mitigate potential exploitation risks.

References

http://www.attrition.org/pipermail/vim/2007-March/001473....

mailing-listx_refsource_VIM

http://www.securityfocus.com/bid/23118

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2006/4228

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Nov 6, 2006
Vulnerability Reserved
Nov 6, 2006

Free PHP Scripts

What is CVE-2006-5764?

References

Timeline