CVE-2006-6549

CVE-2006-6549 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

PHP remote file inclusion vulnerability in upload.php in Rad Upload 3.02 allows remote attackers to execute arbitrary PHP code via a URL in the save_path parameter. NOTE: CVE disputes this vulnerability because save_path is originally defined as "" before use, and the nearby instructions say "SET THE SAVE PATH by editing the line below.

Learn more about our Web Application Penetration Testing UK.