Description

PHP remote file inclusion vulnerability in open_form.php in osTicket allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter.

Remediation

References

CVE-2006-5407

Related Vulnerabilities

OpenSSL NULL Pointer Dereference Vulnerability (CVE-2009-1386)

WordPress Plugin iLive-Intelligent WordPress Live Chat Support Cross-Site Scripting (1.0.4)

WordPress Plugin Duo Two-Factor Authentication Security Bypass (1.8.1)

WordPress Plugin User Meta Manager Multiple Vulnerabilities (3.4.6)

WordPress Plugin Gallery-Flagallery Photo Portfolio Multiple Vulnerabilities (2.00)

Severity

High

Classification

CVE-2006-5407

Tags

Missing Update Known Vulnerabilities