Vulnerabilities > CVE-2006-3517 - Remote File Include vulnerability in RW::Download Stats.PHP
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
PHP remote file inclusion vulnerability in stats.php in RW::Download, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | RW::Download Stats.PHP Remote File Include Vulnerability. CVE-2006-3517. Webapps exploit for php platform |
id | EDB-ID:28195 |
last seen | 2016-02-03 |
modified | 2006-07-08 |
published | 2006-07-08 |
reporter | StorMBoY |
source | https://www.exploit-db.com/download/28195/ |
title | RW::Download Stats.PHP Remote File Include Vulnerability |