Vulnerabilities > CVE-2006-5068 - Remote File Include vulnerability in BrudaNews/GrudaGB
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
PHP remote file inclusion vulnerability in admin/index.php in Brudaswen (1) BrudaNews 1.1 and earlier and (2) BrudaGB 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the o parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description BrudaGB <= 1.1 (admin/index.php) Remote File Include Vulnerability. CVE-2006-5068. Webapps exploit for php platform file exploits/php/webapps/2433.txt id EDB-ID:2433 last seen 2016-01-31 modified 2006-09-25 platform php port published 2006-09-25 reporter SHiKaA source https://www.exploit-db.com/download/2433/ title BrudaGB <= 1.1 admin/index.php Remote File Include Vulnerability type webapps description BrudaNews <= 1.1 (admin/index.php) Remote File Include Vulnerability. CVE-2006-5068. Webapps exploit for php platform file exploits/php/webapps/2432.txt id EDB-ID:2432 last seen 2016-01-31 modified 2006-09-25 platform php port published 2006-09-25 reporter SHiKaA source https://www.exploit-db.com/download/2432/ title BrudaNews <= 1.1 admin/index.php Remote File Include Vulnerability type webapps
References
- http://secunia.com/advisories/22115
- http://www.osvdb.org/29176
- http://www.securityfocus.com/bid/20192
- http://www.vupen.com/english/advisories/2006/3773
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29141
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29142
- https://www.exploit-db.com/exploits/2432
- https://www.exploit-db.com/exploits/2433