Vulnerabilities > CVE-2006-0785 - File-Upload vulnerability in PHPKIT

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
phpkit
nessus

Summary

Absolute path traversal vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier allows remote attackers to include and execute arbitrary local files via a direct request with a path parameter with a null character and beginning with (1) '/' (slash) for an absolute pathname or (2) a drive letter (such as "C:"), which bypasses checks for ".." sequences and trailing ".php" extensions.

Vulnerable Configurations

Part Description Count
Application
Phpkit
1

Nessus

NASL familyCGI abuses
NASL idPHPKIT_MULTIPLE_FLAWS.NASL
descriptionThe remote host is running PHP-Kit, an open source content management system written in PHP. The remote version of this software is vulnerable to multiple remote and local code execution, SQL injection and cross-site scripting flaws.
last seen2020-06-01
modified2020-06-02
plugin id15784
published2004-11-22
reporterThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/15784
titlePHP-Kit <= 1.6.1 RC2 Multiple Vulnerabilities