Vulnerabilities > CVE-2006-5837 - Remote Code Execution vulnerability in Simplechat 1.0.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Static code injection vulnerability in chat_panel.php in the SimpleChat 1.0.0 module for iWare Professional CMS allows remote attackers to inject arbitrary PHP code into chat_log.php via the msg parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | iWare Pro <= 5.0.4 (chat_panel.php) Remote Code Execution Vulnerability. CVE-2006-5837. Webapps exploit for php platform |
| file | exploits/php/webapps/2733.txt |
| id | EDB-ID:2733 |
| last seen | 2016-01-31 |
| modified | 2006-11-07 |
| platform | php |
| port | |
| published | 2006-11-07 |
| reporter | nuffsaid |
| source | https://www.exploit-db.com/download/2733/ |
| title | iWare Pro <= 5.0.4 chat_panel.php Remote Code Execution Vulnerability |
| type | webapps |