Intrusion Prevention

TSEP.Copyright.PHP.Remote.File.Inclusion

Description

PHP remote file inclusion vulnerability in copyright.php in Olaf Noehring The Search Engine Project (TSEP) 0.942, allows remote attackers to execute arbitrary PHP code via a URL in the tsep_config[absPath] parameter.

Affected Products

TSEP version 0.942 and prior.

Impact

Execute arbitrary PHP code.

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.

CVE References

CVE-2006-3993