CVE Vulnerabilities

CVE-2006-5100

Published: Oct 03, 2006 | Modified: Oct 17, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

PHP remote file inclusion vulnerability in parse/parser.php in WEB//NEWS (aka webnews) 1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the WN_BASEDIR parameter.

Affected Software

Name Vendor Start Version End Version
Webnews Netwin 1.1i 1.1i
Webnews Netwin 1.4 1.4
Webnews Netwin 1.1h 1.1h
Webnews Netwin 1.1j 1.1j
Webnews Netwin 1.1k 1.1k

References