Vulnerabilities > CVE-2006-4987 - Input Validation vulnerability in Patrick Michaelis Wili-Cms 0.1.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple PHP remote file inclusion vulnerabilities in Patrick Michaelis Wili-CMS allow remote attackers to execute arbitrary PHP code via a URL in the globals[content_dir] parameter in (1) example-view/templates/article.php, (2) example-view/templates/root.php, and (3) example-view/templates/dates_list.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Wili-CMS <= 0.1.1 (include/xss/full path) Remote Vulnerabilities. CVE-2006-4987,CVE-2006-4988,CVE-2006-4989. Webapps exploit for php platform |
id | EDB-ID:2414 |
last seen | 2016-01-31 |
modified | 2006-09-21 |
published | 2006-09-21 |
reporter | HACKERS PAL |
source | https://www.exploit-db.com/download/2414/ |
title | Wili-CMS <= 0.1.1 include/xss/full path Remote Vulnerabilities |