Cms Faethon : Security Vulnerabilities, CVEs, Published In 2006 (File inclusion)
Multiple PHP remote file inclusion vulnerabilities in CMS Faethon 2.0 Ultimate and earlier, when register_globals and magic_quotes_gpc are enabled, allow remote attackers to execute arbitrary PHP code via a URL in the mainpath parameter to (1) includes/rss-reader.php or (2) admin/config.php, different vectors than CVE-2006-3185.
Max CVSS
7.5
EPSS Score
8.56%
Published
2006-10-27
Updated
2017-10-19
PHP remote file inclusion vulnerability in data/header.php in CMS Faethon 1.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the mainpath parameter.
Max CVSS
7.5
EPSS Score
16.83%
Published
2006-06-23
Updated
2018-10-18
2 vulnerabilities found