Vulnerabilities > CVE-2006-2744 - Remote File Include vulnerability in F@cile Interactive web 0.8.41/0.8.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
PHP remote file inclusion vulnerability in p-popupgallery.php in F@cile Interactive Web 0.8.41 through 0.8.5 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | F@cile Interactive Web <= 0.8x Remote (Include / XSS) Vulnerabilities. CVE-2006-2744,CVE-2006-2745,CVE-2006-2746. Webapps exploit for php platform |
| id | EDB-ID:1841 |
| last seen | 2016-01-31 |
| modified | 2006-05-28 |
| published | 2006-05-28 |
| reporter | nukedx |
| source | https://www.exploit-db.com/download/1841/ |
| title | F@cile Interactive Web <= 0.8x Remote Include / XSS Vulnerabilities |
References
- http://secunia.com/advisories/20358
- http://securityreason.com/securityalert/1010
- http://www.nukedx.com/?getxpl=35
- http://www.nukedx.com/?viewdoc=35
- http://www.osvdb.org/26100
- http://www.securityfocus.com/archive/1/435283/100/0/threaded
- http://www.securityfocus.com/bid/18149
- http://www.vupen.com/english/advisories/2006/2036
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26839