Vulnerabilities > CVE-2006-4369 - Remote File Include vulnerability in Integramod Portal 2.0
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Absolute path traversal vulnerability in includes/functions_portal.php in IntegraMOD Portal 2.x and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via an absolute pathname in the phpbb_root_path parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Integramod Portal <= 2.x (functions_portal.php) Remote Include Exploit. CVE-2006-4368,CVE-2006-4369. Webapps exploit for php platform |
| file | exploits/php/webapps/2250.pl |
| id | EDB-ID:2250 |
| last seen | 2016-01-31 |
| modified | 2006-08-23 |
| platform | php |
| port | |
| published | 2006-08-23 |
| reporter | nukedx |
| source | https://www.exploit-db.com/download/2250/ |
| title | Integramod Portal <= 2.x functions_portal.php Remote Include Exploit |
| type | webapps |