cve/2006/CVE-2006-3689.md

CVE-2006-3689

Description

** DISPUTED ** PHP remote file inclusion vulnerability in user-func.php in Codeworks Gnomedia SubberZ[Lite] allows remote attackers to execute arbitrary PHP code via a URL in the myadmindir parameter. NOTE: this issue has been disputed by a third party that claims that " the myadmindir variable is set before any GET variables are processed."

POC

Reference

• http://www.securityfocus.com/bid/18990

Github

No PoCs found on GitHub currently.