Vulnerabilities > CVE-2006-0125 - Remote File Include vulnerability in Appserv Open Project Appserv 2.4.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Unspecified vulnerability in appserv/main.php in AppServ 2.4.5 allows remote attackers to include arbitrary files via the appserv_root parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. There is not enough detail from these third party sources to know whether this is directory traversal, remote file include, or another issue.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | AppServ Open Project 2.4.5 Remote File Include Vulnerability. CVE-2006-0125. Webapps exploit for php platform |
| id | EDB-ID:27048 |
| last seen | 2016-02-03 |
| modified | 2006-01-09 |
| published | 2006-01-09 |
| reporter | Xez |
| source | https://www.exploit-db.com/download/27048/ |
| title | AppServ Open Project 2.4.5 - Remote File Include Vulnerability |
Nessus
| NASL family | CGI abuses |
| NASL id | APPSERV_APPSERV_ROOT_INCLUDES.NASL |
| description | The remote host appears to be running AppServ, a compilation of Apache, PHP, MySQL, and phpMyAdmin for Windows and Linux. The version of AppServ installed on the remote host fails to sanitize user-supplied input to the |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 20383 |
| published | 2006-01-10 |
| reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/20383 |
| title | AppServ appserv/main.php appserv_root Parameter Remote File Inclusion |