Vulnerabilities > CVE-2006-1243 - Local File Include vulnerability in Simple PHP Blog

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
alexander-palmo
nessus
exploit available
NVD
Published: 2006-03-15
Updated: 2017-10-19

Summary

Directory traversal vulnerability in install05.php in Simple PHP Blog (SPB) 0.4.7.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the blog_language parameter, as demonstrated by injecting PHP sequences into an Apache access_log file, which is then included using install05.php.

Vulnerable Configurations

Part Description Count
Application
Alexander_Palmo
5

Exploit-Db

descriptionSimple PHP Blog <= 0.4.7.1 Remote Command Execution Exploit. CVE-2006-1243. Webapps exploit for php platform
fileexploits/php/webapps/1581.pl
idEDB-ID:1581
last seen2016-01-31
modified2006-03-13
platformphp
port
published2006-03-13
reporterrgod
sourcehttps://www.exploit-db.com/download/1581/
titleSimple PHP Blog <= 0.4.7.1 - Remote Command Execution Exploit
typewebapps

Nessus

NASL familyCGI abuses
NASL idSPHPBLOG_BLOG_LANGUAGE_FILE_INCLUDES.NASL
descriptionThe version of Simple PHP Blog installed on the remote host fails to sanitize input to the
last seen2020-06-01
modified2020-06-02
plugin id21082
published2006-03-15
reporterThis script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/21082
titleSimple PHP Blog install05.php blog_language Parameter Local File Inclusion

References