Description

PHP remote file inclusion vulnerability in inc/CONTROL/import/import-mt.php in b2evolution 1.8.5 through 1.9 beta allows remote attackers to execute arbitrary PHP code via a URL in the inc_path parameter.

Remediation

References

CVE-2006-6417

Related Vulnerabilities

WordPress Plugin Fast Secure Contact Form Cross-Site Scripting (4.0.37)

WordPress Plugin Pay Per Media Player Multiple Cross-Site Scripting Vulnerabilities (1.24)

Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.2)

WordPress Plugin Better Font Awesome Cross-Site Scripting (2.0.3)

MySQL CVE-2020-14791 Vulnerability (CVE-2020-14791)

Severity

High

Classification

CVE-2006-6417

Tags

Missing Update Known Vulnerabilities