Vulnerabilities > CVE-2006-5125 - Remote File Include and Information Disclosure vulnerability in Joshua Muheim PHPmywebmin 1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in window.php, possibly used by home.php, in Joshua Muheim phpMyWebmin 1.0 allows remote attackers to obtain sensitive information via a directory name in the target parameter, which triggers a directory listing through the opendir function.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description phpMyWebmin 1.0 (window.php) Remote File Include Vulnerability. CVE-2006-5124,CVE-2006-5125. Webapps exploit for php platform file exploits/php/webapps/2451.txt id EDB-ID:2451 last seen 2016-01-31 modified 2006-09-28 platform php port published 2006-09-28 reporter Kernel-32 source https://www.exploit-db.com/download/2451/ title phpMyWebmin 1.0 - window.php Remote File Include Vulnerability type webapps description phpMyWebmin. CVE-2006-5124,CVE-2006-5125,CVE-2006-5181. Webapps exploit for php platform file exploits/php/webapps/2462.txt id EDB-ID:2462 last seen 2016-01-31 modified 2006-09-30 platform php port published 2006-09-30 reporter Mehmet Ince source https://www.exploit-db.com/download/2462/ title phpMyWebmin <= 1.0 - target Remote File Include Vulnerabilities type webapps
References
- http://kernel-32.blogspot.com/2006/09/php-mywebmin-10-remote-file-include.html
- http://secunia.com/advisories/22178
- http://www.securityfocus.com/bid/20264
- http://www.vupen.com/english/advisories/2006/3846
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29259
- https://www.exploit-db.com/exploits/2451