Vulnerabilities > CVE-2006-5079 - Remote File Include vulnerability in PABugs Class.MySQL.PHP

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

php-arena

exploit available

NVD

Published: 2006-09-29

Updated: 2017-10-19

Summary

PHP remote file inclusion vulnerability in class.mysql.php in Matt Humphrey paBugs 2.0 Beta 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_to_bt_dir parameter.

Vulnerable Configurations

Part	Description	Count
Application	Php_Arena PHP Arena Pabugs *	1

Exploit-Db

description	paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include Exploit. CVE-2006-5079. Webapps exploit for php platform
file	exploits/php/webapps/2437.php
id	EDB-ID:2437
last seen	2016-01-31
modified	2006-09-26
platform	php
port
published	2006-09-26
reporter	Kacper
source	https://www.exploit-db.com/download/2437/
title	paBugs <= 2.0 Beta 3 class.mysql.php Remote File Include Exploit
type	webapps

Summary

Vulnerable Configurations

Exploit-Db

References