Vulnerabilities > CVE-2006-5899 - Unspecified vulnerability in Acid Stats Acid Stats 2.3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN acid-stats
exploit available
Summary
PHP remote file inclusion vulnerability in install.php3 in @cid stats 2.3 allows remote attackers to execute arbitrary PHP code via a URL in the repertoire parameter. NOTE: this issue has been disputed by a third party, who states that install.php3 is supposed to be deleted after installation and, if not deleted, intentionally allows setting repertoire without an inclusion attack
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | @cid Stats 2.3 Install.PHP3 Remote File Include Vulnerability. CVE-2006-5899. Webapps exploit for php platform |
id | EDB-ID:28913 |
last seen | 2016-02-03 |
modified | 2006-11-06 |
published | 2006-11-06 |
reporter | Mahmood_ali |
source | https://www.exploit-db.com/download/28913/ |
title | @cid Stats 2.3 Install.PHP3 - Remote File Include Vulnerability |