Vulnerabilities > CVE-2006-0214 - Unspecified vulnerability in Indexcor Ezdatabase 2.0/2.1.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Eval injection vulnerability in ezDatabase 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the db_id parameter to visitorupload.php, as demonstrated using phpinfo and include function calls.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | ezDatabase <= 2.0 (db_id) Remote Command Execution Exploit. CVE-2006-0214. Webapps exploit for php platform |
id | EDB-ID:1442 |
last seen | 2016-01-31 |
modified | 2006-01-22 |
published | 2006-01-22 |
reporter | cijfer |
source | https://www.exploit-db.com/download/1442/ |
title | ezDatabase <= 2.0 db_id Remote Command Execution Exploit |