Vulnerabilities > CVE-2006-4418 - Unspecified vulnerability in Wikepage 2006.2/2006.2A
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN wikepage
exploit available
Summary
Directory traversal vulnerability in index.php for Wikepage 2006.2a Opus 10 allows remote attackers to include arbitrary local files via the lng parameter, as demonstrated by inserting PHP code into a log file.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | Wikepage Opus 10. CVE-2006-4418. Webapps exploit for php platform |
| file | exploits/php/webapps/2252.pl |
| id | EDB-ID:2252 |
| last seen | 2016-01-31 |
| modified | 2006-08-24 |
| platform | php |
| port | |
| published | 2006-08-24 |
| reporter | Hessam-x |
| source | https://www.exploit-db.com/download/2252/ |
| title | Wikepage Opus 10 <= 2006.2a lng - Remote Command Execution Exploit |
| type | webapps |
References
- http://secunia.com/advisories/21542
- http://secunia.com/advisories/21542
- http://www.osvdb.org/28177
- http://www.osvdb.org/28177
- http://www.securityfocus.com/bid/19694
- http://www.securityfocus.com/bid/19694
- http://www.vupen.com/english/advisories/2006/3386
- http://www.vupen.com/english/advisories/2006/3386
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28555
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28555
- https://www.exploit-db.com/exploits/2252
- https://www.exploit-db.com/exploits/2252