CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Owl: >> Owl Intranet Engine >> 0.82 Security Vulnerabilities

CVE-2006-1149

PHP remote file inclusion vulnerability in lib/OWL_API.php in OWL Intranet Engine 0.82, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the xrms_file_root parameter, which is not initialized before use.

CVSS Score

7.5

EPSS Score

0.16

Published

2006-03-10

Page 1

Vulnerabilities

Vulnerable Software

Owl: >> Owl Intranet Engine >> 0.82 Security Vulnerabilities

Products

Pricing

Contact Us