← back
CVE-2006-4557

CVE-2006-4557

EPSS 1.4%
PHP remote file inclusion vulnerability in plugins/plugins.php in Bob Jewell Discloser 0.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the type parameter. NOTE: another researcher has stated that an attacker cannot control the type parameter. As of 20060901, CVE analysis concurs with the dispute
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www.securityfocus.com/archive/1/443466/100/200/threadedhttp://www.securityfocus.com/archive/1/443522/100/200/threadedhttp://www.securityfocus.com/archive/1/443710/100/100/threadedhttp://www.securityfocus.com/archive/1/444074/100/100/threaded