Vulnerabilities > CVE-2006-6416 - Remote File Include vulnerability in PHPleague - Univert PHPleague 0.8.1

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
phpleague-univert
exploit available
NVD
Published: 2006-12-10
Updated: 2017-07-29

Summary

Multiple PHP remote file inclusion vulnerabilities in PhpLeague - Univert PhpLeague 0.81 allow remote attackers to execute arbitrary PHP code via a URL in the cheminmini parameter to (1) consult/miniseul.php or (2) config.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part Description Count
Application
Phpleague_-_Univert
1

Exploit-Db

descriptionPhpLeague 0.81 consult/miniseul.php cheminmini Parameter Remote File Inclusion. CVE-2006-6416. Webapps exploit for php platform
idEDB-ID:28864
last seen2016-02-03
modified2006-10-26
published2006-10-26
reporterajaan
sourcehttps://www.exploit-db.com/download/28864/
titlePhpLeague 0.81 consult/miniseul.php cheminmini Parameter Remote File Inclusion

References