PHP Remote File Inclusion Vulnerability in Site News by an Unknown Vendor
CVE-2006-6212

Currently unrated

Key Information:

Vendor

Webwiz

Status
Site News
Vendor
CVE Published:
1 December 2006

What is CVE-2006-6212?

A PHP remote file inclusion vulnerability exists in the centre.php file of Site News (site_news) version 2.00 and possibly earlier versions. This vulnerability permits remote attackers to execute arbitrary PHP code by supplying a malicious URL in the page parameter. The risk arises from improper input validation, enabling the exploitation of the application and potentially leading to unauthorized access or control of the affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2006/4685
vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/23082
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/21269
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.