CVE-2006-4063 - Remote Security vulnerability in Csaba Godor Sapid Blog Beta 2 Initial
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL

Summary
Multiple PHP remote file inclusion vulnerabilities in Csaba Godor SAPID Blog Beta 2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) root_path parameter to (a) usr/extensions/get_blog_infochannel.inc.php, (b) usr/extensions/get_blog_meta_info.inc.php, or (c) usr/extensions/get_infochannel.inc.php; or the (2) GLOBALS[root_path] parameter to (d) usr/extensions/get_tree.inc.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Exploit-Db
id: EDB-ID:2131
title: SAPID Shop <= 1.2 root_path Remote File Include Vulnerability
description: SAPID Shop <= 1.2 (root_path) Remote File Include Vulnerability. CVE-2006-4062,CVE-2006-4063. Webapps exploit for php platform
file: exploits/php/webapps/2131.txt
platform: php
port: 80
type: webapps
reporter: Kacper
published: 2006-08-07
modified: 2006-08-07
last seen: 2016-01-31
source: https://www.exploit-db.com/download/2131/

id: EDB-ID:2130
title: SAPID Gallery <= 1.0 root_path Remote File Include Vulnerabilities
description: SAPID Gallery <= 1.0 (root_path) Remote File Include Vulnerabilities. CVE-2006-4063,CVE-2006-4065. Webapps exploit for php platform
file: exploits/php/webapps/2130.txt
platform: php
port: 80
type: webapps
reporter: Kacper
published: 2006-08-07
modified: 2006-08-07
last seen: 2016-01-31
source: https://www.exploit-db.com/download/2130/

id: EDB-ID:2128
title: SAPID CMS <= 1.2.3.05 root_path Remote File Include Vulnerabilities
description: SAPID CMS <= 1.2.3.05 (root_path) Remote File Include Vulnerabilities. CVE-2006-4026,CVE-2006-4063. Webapps exploit for php platform
file: exploits/php/webapps/2128.txt
platform: php
port:
type: webapps
reporter: Kacper
published: 2006-08-07
modified: 2006-08-07
last seen: 2016-01-31
source: https://www.exploit-db.com/download/2128/

id: EDB-ID:2129