Vulnerabilities > CVE-2006-5893 - Unspecified vulnerability in Iwonder Designs Storystream 0.4.0.0

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
iwonder-designs
exploit available

Summary

Multiple PHP remote file inclusion vulnerabilities in iWonder Designs Storystream 0.4.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) mysql.php and (2) mysqli.php in include/classes/pear/DB/.

Vulnerable Configurations

Part Description Count
Application
Iwonder_Designs
1

Exploit-Db

descriptionStoryStream 4.0 (baseDir) Remote File Include Vulnerabilities. CVE-2006-5893. Webapps exploit for php platform
fileexploits/php/webapps/2767.txt
idEDB-ID:2767
last seen2016-01-31
modified2006-11-12
platformphp
port
published2006-11-12
reporterv1per-haCker
sourcehttps://www.exploit-db.com/download/2767/
titleStoryStream 4.0 baseDir Remote File Include Vulnerabilities
typewebapps