Coinsoft Technologies : Security vulnerabilities, CVEs file inclusion published in 2006

CVE-2006-4425

Multiple PHP remote file inclusion vulnerabilities in phpCOIN 1.2.3 allow remote attackers to execute arbitrary PHP code via the _CCFG[_PKG_PATH_INCL] parameter in coin_includes scripts including (1) api.php, (2) common.php, (3) core.php, (4) custom.php, (5) db.php, (6) redirect.php or (7) session_set.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Max CVSS

5.1

EPSS Score

18.18%

Published

2006-08-29

Updated

2017-07-20

CVE-2006-4424

PHP remote file inclusion vulnerability in coin_includes/constants.php in phpCOIN 1.2.3 allows remote attackers to execute arbitrary PHP code via the _CCFG[_PKG_PATH_INCL] parameter.

Max CVSS

5.1

EPSS Score

2.36%

Published

2006-08-29

Updated

2017-10-19

2 vulnerabilities found

Coinsoft Technologies : Security Vulnerabilities, CVEs, Published In 2006 (File inclusion)

CVE-2006-4425

CVE-2006-4424