Vulnonym.com

CVE-2006-5220 - Unscholarlike Velocity

Description

Multiple PHP remote file inclusion vulnerabilities in WebYep 1.1.9 when register_globals is enabled allow remote attackers to execute arbitrary PHP code via the webyep_sIncludePath in (1) files in the programm/lib/ directory including (a) WYApplication.php (b) WYDocument.php (c) WYEditor.php (d) WYElement.php (e) WYFile.php (f) WYHTMLTag.php (g) WYImage.php (h) WYLanguage.php (i) WYLink.php (j) WYPath.php (k) WYPopupWindowLink.php (l) WYSelectMenu.php and (m) WYTextArea.php; (2) files in the programm/elements/ directory including (n) WYGalleryElement.php (o) WYGuestbookElement.php (p) WYImageElement.php (q) WYLogonButtonElement.php (r) WYLongTextElement.php (s) WYLoopElement.php (t) WYMenuElement.php and (u) WYShortTextElement.php; and (3) programm/webyep.php.

Reference

http://www.securityfocus.com/bid/20406 http://advisories.echo.or.id/adv/adv48-theday-2006.txt http://securitytracker.com/id?1017023 http://secunia.com/advisories/22336 http://www.osvdb.org/29643 http://www.osvdb.org/29646 http://www.osvdb.org/29644 http://www.osvdb.org/29661 http://www.osvdb.org/29662 http://www.obdev.at/products/webyep/release-notes.html http://www.osvdb.org/29645 http://www.osvdb.org/29663 http://www.osvdb.org/29647 http://www.osvdb.org/29648 http://www.osvdb.org/29649 http://www.osvdb.org/29650 http://www.osvdb.org/29651 http://www.osvdb.org/29652 http://www.osvdb.org/29653 http://www.osvdb.org/29654 http://www.osvdb.org/29655 http://www.osvdb.org/29656 http://www.osvdb.org/29657 http://www.osvdb.org/29658 http://www.osvdb.org/29659 http://www.osvdb.org/29660 http://securityreason.com/securityalert/1702 http://www.vupen.com/english/advisories/2006/3972 https://exchange.xforce.ibmcloud.com/vulnerabilities/29397 https://www.exploit-db.com/exploits/2496 http://www.securityfocus.com/archive/1/448009/100/0/threaded