Vulnerabilities > CVE-2006-5431 - Remote File Include vulnerability in Zorum DBProperty.PHP

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

phpoutsourcing

exploit available

NVD

Published: 2006-10-20

Updated: 2018-10-17

Summary

PHP remote file inclusion vulnerability in gorum/dbproperty.php in PHPOutsourcing Zorum 3.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the appDirName parameter.

Vulnerable Configurations

Part	Description	Count
Application	Phpoutsourcing Phpoutsourcing Zorum *	1

Exploit-Db

description	Zorum 3.5 DBProperty.PHP Remote File Include Vulnerability. CVE-2006-5431. Webapps exploit for php platform
id	EDB-ID:28828
last seen	2016-02-03
modified	2006-10-19
published	2006-10-19
reporter	MoHaNdKo
source	https://www.exploit-db.com/download/28828/
title	Zorum 3.5 DBProperty.PHP Remote File Include Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References