Vulnerabilities > CVE-2006-5637 - Remote File Include vulnerability in FAQ Administrator FAQ Administrator 2.1B
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
PHP remote file inclusion vulnerability in faq_reply.php in Faq Administrator 2.1b allows remote attackers to execute arbitrary PHP code via a URL in the email parameter. This vulnerability is addressed in the following product release: FAQ Administrator, FAQ Administrator, 3.0
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Faq Administrator 2.1 (faq_reply.php) Remote File Include Vulnerability. CVE-2006-5637. Webapps exploit for php platform |
file | exploits/php/webapps/2678.txt |
id | EDB-ID:2678 |
last seen | 2016-01-31 |
modified | 2006-10-29 |
platform | php |
port | |
published | 2006-10-29 |
reporter | v1per-haCker |
source | https://www.exploit-db.com/download/2678/ |
title | Faq Administrator 2.1 faq_reply.php Remote File Include Vulnerability |
type | webapps |
References
- http://secunia.com/advisories/22621
- http://www.attrition.org/pipermail/vim/2006-October/001100.html
- http://www.osvdb.org/30115
- http://www.securityfocus.com/bid/20796
- http://www.vupen.com/english/advisories/2006/4254
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29868
- https://www.exploit-db.com/exploits/2678