CVE-2006-5473

PHP remote file inclusion vulnerability in Description.php in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via the lib_dir parameter. NOTE: this issue is disputed by CVE as of 20061023, since there is no Description.php file included in the product, and the existing "Description" file contains documentation, not functioning code

🔗 References (8)

• cve@mitrehttp://attrition.org/pipermail/vim/2006-October/001090.html
• cve@mitrehttp://securityreason.com/securityalert/1763
• cve@mitrehttp://www.attrition.org/pipermail/vim/2006-October/001094.html
• cve@mitrehttp://www.securityfocus.com/archive/1/449355/100/0/threaded
• af854a3a-2127-422b-91ae-364da2661108http://attrition.org/pipermail/vim/2006-October/001090.html
• af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/1763
• af854a3a-2127-422b-91ae-364da2661108http://www.attrition.org/pipermail/vim/2006-October/001094.html
• af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/449355/100/0/threaded