Description
PHP remote file inclusion vulnerability in lib/armygame.php in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter. NOTE: this only occurs when register_globals is disabled.
Exploits (1)
References (7)
Scores
EPSS
0.1024
EPSS Percentile
93.2%
Details
CWE
CWE-94
Status
published
Products (1)
squery/squery
< 4.5
Published
Apr 04, 2006
Tracked Since
Feb 18, 2026