Vulnerabilities > CVE-2006-5613 - Remote File Include vulnerability in MP3 Streaming Downsampler MP3 Streaming Downsampler 3.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
mp3-streaming-downsampler
exploit available

Summary

PHP remote file inclusion in Core/core.inc.php in MP3 Streaming DownSampler (mp3SDS) 3.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the fullpath parameter

Vulnerable Configurations

Part Description Count
Application
Mp3_Streaming_Downsampler
1

Exploit-Db

descriptionmp3SDS 3.0 (Core/core.inc.php) Remote File Include Vulnerability. CVE-2006-5613. Webapps exploit for php platform
fileexploits/php/webapps/2666.txt
idEDB-ID:2666
last seen2016-01-31
modified2006-10-28
platformphp
port
published2006-10-28
reporterMehmet Ince
sourcehttps://www.exploit-db.com/download/2666/
titlemp3SDS 3.0 Core/core.inc.php Remote File Include Vulnerability
typewebapps