CVE-2006-6786

CVE-2006-6786 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Open Newsletter 2.5 and earlier allows remote authenticated administrators to execute arbitrary PHP code by inserting the code into the email parameter to (1) subscribe.php or (2) unsubscribe.php.

Learn more about our Web Application Penetration Testing UK.