CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Cms-Bandits: Security Vulnerabilities

CVE-2006-2928

Multiple PHP remote file inclusion vulnerabilities in CMS-Bandits 2.5 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter in (1) dialogs/img.php and (2) dialogs/td.php.

CVSS Score

5.1

EPSS Score

0.027

Published

2006-06-09

Page 1

Vulnerabilities

Vulnerable Software

Cms-Bandits: Security Vulnerabilities

Products

Pricing

Contact Us