Vulnerabilities > CVE-2006-4912 - Remote File Include vulnerability in PHP DocWriter

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
php-docwriter
exploit available
NVD
Published: 2006-09-21
Updated: 2017-10-19

Summary

PHP remote file inclusion vulnerability in PHP DocWriter 0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the script parameter.

Vulnerable Configurations

Part Description Count
Application
Php_Docwriter
1

Exploit-Db

descriptionPHP DocWriter <= 0.3 (script) Remote File Include Exploit. CVE-2006-4912. Webapps exploit for php platform
fileexploits/php/webapps/2373.txt
idEDB-ID:2373
last seen2016-01-31
modified2006-09-15
platformphp
port
published2006-09-15
reporterKacper
sourcehttps://www.exploit-db.com/download/2373/
titlePHP DocWriter <= 0.3 script Remote File Include Exploit
typewebapps

References