Vulnerabilities > CVE-2006-2726 - Remote File Include vulnerability in Fastpublish CMS 1.6.9.D

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
fastpublish
exploit available
NVD
Published: 2006-06-01
Updated: 2017-10-19

Summary

PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d allows remote attackers to include arbitrary files via the config[fsBase] parameter in (1) drucken.php, (2) drucken2.php, (3) email_an_benutzer.php, (4) rechnung.php, (5) suche/search.php and (6) adminbereich/admin.php.

Vulnerable Configurations

Part Description Count
Application
Fastpublish
1

Exploit-Db

descriptionFastpublish CMS 1.6.9 config[fsBase] Remote Include Vulnerabilities. CVE-2006-2726. Webapps exploit for php platform
fileexploits/php/webapps/1848.txt
idEDB-ID:1848
last seen2016-01-31
modified2006-05-29
platformphp
port
published2006-05-29
reporterKacper
sourcehttps://www.exploit-db.com/download/1848/
titleFastpublish CMS 1.6.9 - configfsBase Remote Include Vulnerabilities
typewebapps

References