Vulnonym.com

CVE-2006-5481 - Unbusinesslike Weave

Description

Multiple PHP remote file inclusion vulnerabilities in 2le.net Castor PHP Web Builder 1.1.1 allow remote attackers to execute arbitrary PHP code via the rootpath parameter in (1) lib/code.php (2) lib/dbconnect.php (3) lib/error.php (4) lib/menu.php and other unspecified files. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Reference

http://secunia.com/advisories/22527 http://www.vupen.com/english/advisories/2006/4143