Intrusion Prevention

Travelsized.CMS.Frontpage.PHP.Remote.File.Inclusion

Description

PHP remote file inclusion vulnerability in frontpage.php in Dan Jensen Travelsized CMS 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the setup_folder parameter.

Affected Products

Dan Jensen Travelsized CMS 0.4

Impact

Execute arbitrary PHP code.

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.

CVE References

CVE-2006-5182