Vulnerabilities > CVE-2006-5841 - Denial-Of-Service vulnerability in Dodosmail 2.0/2.0.1

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
dodos-scripts
exploit available
NVD
Published: 2006-11-10
Updated: 2018-10-17

Summary

Multiple PHP remote file inclusion vulnerabilities in dodosmail.php in DodosMail 2.0.1 and earlier, and possibly 2.1, allow remote attackers to execute arbitrary PHP code via a URL in the (1) dodosmail_header_file or (2) dodosmail_footer_file parameters.

Vulnerable Configurations

Part Description Count
Application
Dodos_Scripts
3

Exploit-Db

descriptionDodosMail. CVE-2006-5841. Webapps exploit for php platform
fileexploits/php/webapps/2742.txt
idEDB-ID:2742
last seen2016-01-31
modified2006-11-08
platformphp
port
published2006-11-08
reporterCold Zero
sourcehttps://www.exploit-db.com/download/2742/
titleDodosMail <= 2.0.1 - dodosmail.php Remote File Include Vulnerability
typewebapps

References