Vulnerabilities > CVE-2006-4113 - Remote File Include vulnerability in Hitweb REP_INC
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
PHP remote file inclusion vulnerability in genpage-cgi.php in Brian Fraval hitweb 4.2 and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the REP_INC parameter. Successful exploitation requires that "register_globals" is enabled.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Hitweb <= 4.2.1 (REP_INC) Remote File Include Vulnerability. CVE-2006-4113. Webapps exploit for php platform |
file | exploits/php/webapps/2149.txt |
id | EDB-ID:2149 |
last seen | 2016-01-31 |
modified | 2006-08-08 |
platform | php |
port | |
published | 2006-08-08 |
reporter | Drago84 |
source | https://www.exploit-db.com/download/2149/ |
title | Hitweb <= 4.2.1 REP_INC Remote File Include Vulnerability |
type | webapps |