Vulnerabilities > CVE-2006-6140 - Remote Security vulnerability in Sisfo Kampus Sisfo Kampus 2006

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
sisfo-kampus
exploit available
NVD
Published: 2006-11-28
Updated: 2011-03-08

Summary

PHP remote file inclusion vulnerability in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to execute arbitrary PHP code via a URL in the slnt parameter to (1) index.php and (2) print.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part Description Count
Application
Sisfo_Kampus
1

Exploit-Db

descriptionSisfo Kampus <= 0.8 Remote File Inclusion / Download Vulnerabilities. CVE-2006-6137,CVE-2006-6138,CVE-2006-6140. Webapps exploit for php platform
fileexploits/php/webapps/2847.txt
idEDB-ID:2847
last seen2016-01-31
modified2006-11-25
platformphp
port
published2006-11-25
reporterWawan Firmansyah
sourcehttps://www.exploit-db.com/download/2847/
titleSisfo Kampus <= 0.8 - Remote File Inclusion / Download Vulnerabilities
typewebapps

References