Vulnerabilities > CVE-2006-5124 - Remote File Include and Information Disclosure vulnerability in Joshua Muheim PHPmywebmin 1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim phpMyWebmin 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) target and (2) action parameters in window.php, and possibly the (3) target parameter in home.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description phpMyWebmin 1.0 (window.php) Remote File Include Vulnerability. CVE-2006-5124,CVE-2006-5125. Webapps exploit for php platform file exploits/php/webapps/2451.txt id EDB-ID:2451 last seen 2016-01-31 modified 2006-09-28 platform php port published 2006-09-28 reporter Kernel-32 source https://www.exploit-db.com/download/2451/ title phpMyWebmin 1.0 - window.php Remote File Include Vulnerability type webapps description phpMyWebmin. CVE-2006-5124,CVE-2006-5125,CVE-2006-5181. Webapps exploit for php platform file exploits/php/webapps/2462.txt id EDB-ID:2462 last seen 2016-01-31 modified 2006-09-30 platform php port published 2006-09-30 reporter Mehmet Ince source https://www.exploit-db.com/download/2462/ title phpMyWebmin <= 1.0 - target Remote File Include Vulnerabilities type webapps
References
- http://kernel-32.blogspot.com/2006/09/php-mywebmin-10-remote-file-include.html
- http://secunia.com/advisories/22178
- http://www.securityfocus.com/bid/20264
- http://www.vupen.com/english/advisories/2006/3846
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29258
- https://www.exploit-db.com/exploits/2451