Vulnerabilities > CVE-2006-4645 - Remote File Include vulnerability in Akarru Social BookMarking Engine Main_Content.PHP
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
PHP remote file inclusion vulnerability in akarru.gui/main_content.php in Akarru Social BookMarking Engine 0.4.3.34 and earlier, and possibly 0.4.4.120, allows remote attackers to execute arbitrary PHP code via a URL in the bm_content parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Exploit-Db
description | Akarru <= 0.4.3.34 (bm_content) Remote File Include Vulnerability. CVE-2006-4645. Webapps exploit for php platform |
file | exploits/php/webapps/2315.txt |
id | EDB-ID:2315 |
last seen | 2016-01-31 |
modified | 2006-09-06 |
platform | php |
port | |
published | 2006-09-06 |
reporter | ddoshomo |
source | https://www.exploit-db.com/download/2315/ |
title | Akarru <= 0.4.3.34 bm_content Remote File Include Vulnerability |
type | webapps |
References
- http://secunia.com/advisories/21784
- http://securityreason.com/securityalert/1543
- http://www.securityfocus.com/archive/1/445605/100/0/threaded
- http://www.securityfocus.com/bid/19870
- http://www.vupen.com/english/advisories/2006/3491
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28760
- https://www.exploit-db.com/exploits/2315