Vulnerabilities > CVE-2006-4945 - Unspecified vulnerability in Cardway Digitalwebshop 1.110/1.120/1.128
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN cardway
exploit available
Summary
Multiple PHP remote file inclusion vulnerabilities in Cardway (aka Frederic Boudaud) DigitalWebShop 1.128 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the _PHPLIB[libdir] parameter to (1) rechnung.php or (2) prepend.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
| description | Digital WebShop <= 1.128 Multiple Remote File Include Vulnerabilities. CVE-2006-4945. Webapps exploit for php platform |
| file | exploits/php/webapps/2398.txt |
| id | EDB-ID:2398 |
| last seen | 2016-01-31 |
| modified | 2006-09-19 |
| platform | php |
| port | |
| published | 2006-09-19 |
| reporter | ajann |
| source | https://www.exploit-db.com/download/2398/ |
| title | Digital WebShop <= 1.128 - Multiple Remote File Include Vulnerabilities |
| type | webapps |
References
- http://secunia.com/advisories/22026
- http://secunia.com/advisories/22026
- http://www.securityfocus.com/bid/20107
- http://www.securityfocus.com/bid/20107
- http://www.vupen.com/english/advisories/2006/3705
- http://www.vupen.com/english/advisories/2006/3705
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29037
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29037
- https://www.exploit-db.com/exploits/2398
- https://www.exploit-db.com/exploits/2398