Vulnerabilities > CVE-2006-4746 - Remote Security vulnerability in Comscripts web Server Creator 0.1

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
comscripts
exploit available
NVD
Published: 2006-09-13
Updated: 2018-10-17

Summary

PHP remote file inclusion vulnerability in news/include/customize.php in Web Server Creator 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter.

Vulnerable Configurations

Part Description Count
Application
Comscripts
1

Exploit-Db

descriptionWeb Server Creator v0.1 (l) Remote Include Vulnerability. CVE-2006-4746. Webapps exploit for php platform
fileexploits/php/webapps/2318.txt
idEDB-ID:2318
last seen2016-01-31
modified2006-09-07
platformphp
port
published2006-09-07
reporterMehmet Ince
sourcehttps://www.exploit-db.com/download/2318/
titleWeb Server Creator 0.1 - l Remote Include Vulnerability
typewebapps

References