Vulnerabilities > CVE-2006-5263 - Local File Include vulnerability in PhpMyAgenda Language
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Directory traversal vulnerability in templates/header.php3 in phpMyAgenda 3.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter, as demonstrated by a parameter value naming an Apache HTTP Server log file that apparently contains PHP code.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | phpMyAgenda <= 3.1 (templates/header.php3) Local File Include Exploit. CVE-2006-5263. Webapps exploit for php platform |
file | exploits/php/webapps/2500.pl |
id | EDB-ID:2500 |
last seen | 2016-01-31 |
modified | 2006-10-10 |
platform | php |
port | |
published | 2006-10-10 |
reporter | Nima Salehi |
source | https://www.exploit-db.com/download/2500/ |
title | phpMyAgenda <= 3.1 templates/header.php3 Local File Include Exploit |
type | webapps |