Description
PHP remote file inclusion vulnerability in Beautifier/Core.php in Brad Fears phpCodeCabinet 0.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the BEAUT_PATH parameter.
Affected products
- brad_fears / phpcodecabinet0.1 – 0.1
- brad_fears / phpcodecabinet0.2 – 0.2
- brad_fears / phpcodecabinet0.3 – 0.3
- brad_fears / phpcodecabinet0.4 – 0.4
- brad_fears / phpcodecabinet0.5 – 0.5
References
- VENDOR_ADVISORYhttp://secunia.com/advisories/21386
- MISChttp://downloads.securityfocus.com/vulnerabilities/exploits/PHPCabinetRFIAugust052006.html
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/28238
- MISChttp://www.securityfocus.com/bid/19359
- MISChttp://archives.neohapsis.com/archives/fulldisclosure/2006-08/0146.html
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/3168