Intrusion Prevention

WebProvence.Spaw.control.class.PHP.Remote.File.Inclusion

Description

A PHP remote file inclusion vulnerability in admin/editeur/spaw_control.class.php in Web Provence SL_Site 1.0 and earlier, allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter.

Affected Products

Web-Provence SL_site 1.0

Impact

Execute arbitrary PHP code.

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.
http://www.web-provence.org/page.php?id_page=8.

CVE References

CVE-2006-4656