Vulnerabilities > CVE-2006-6592 - Unspecified vulnerability in PHP Bloq 0.5.4
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN php
exploit available
Summary
Multiple PHP remote file inclusion vulnerabilities in Bloq 0.5.4 allow remote attackers to execute arbitrary PHP code via a URL in the page[path] parameter to (1) index.php, (2) admin.php, (3) rss.php, (4) rdf.php, (5) rss2.php, or (6) files/mainfile.php.
Exploit-Db
description Bloq 0.5.4 rdf.php page[path] Parameter Remote File Inclusion. CVE-2006-6592. Webapps exploit for php platform id EDB-ID:28801 last seen 2016-02-03 modified 2006-10-13 published 2006-10-13 reporter KorsaN source https://www.exploit-db.com/download/28801/ title Bloq 0.5.4 - rdf.php pagepath Parameter Remote File Inclusion description Bloq 0.5.4 rss2.php page[path] Parameter Remote File Inclusion. CVE-2006-6592. Webapps exploit for php platform id EDB-ID:28800 last seen 2016-02-03 modified 2006-10-13 published 2006-10-13 reporter KorsaN source https://www.exploit-db.com/download/28800/ title Bloq 0.5.4 - rss2.php pagepath Parameter Remote File Inclusion description Bloq 0.5.4 rss.php page[path] Parameter Remote File Inclusion. CVE-2006-6592. Webapps exploit for php platform id EDB-ID:28799 last seen 2016-02-03 modified 2006-10-13 published 2006-10-13 reporter KorsaN source https://www.exploit-db.com/download/28799/ title Bloq 0.5.4 - rss.php pagepath Parameter Remote File Inclusion description Bloq 0.5.4 admin.php page[path] Parameter Remote File Inclusion. CVE-2006-6592. Webapps exploit for php platform id EDB-ID:28798 last seen 2016-02-03 modified 2006-10-13 published 2006-10-13 reporter KorsaN source https://www.exploit-db.com/download/28798/ title Bloq 0.5.4 - admin.php pagepath Parameter Remote File Inclusion description Bloq 0.5.4 files/mainfile.php page[path] Parameter Remote File Inclusion. CVE-2006-6592. Webapps exploit for php platform id EDB-ID:28802 last seen 2016-02-03 modified 2006-10-13 published 2006-10-13 reporter KorsaN source https://www.exploit-db.com/download/28802/ title Bloq 0.5.4 - files/mainfile.php pagepath Parameter Remote File Inclusion description Bloq 0.5.4 index.php page[path] Parameter Remote File Inclusion. CVE-2006-6592. Webapps exploit for php platform id EDB-ID:28797 last seen 2016-02-03 modified 2006-10-13 published 2006-10-13 reporter KorsaN source https://www.exploit-db.com/download/28797/ title Bloq 0.5.4 - index.php pagepath Parameter Remote File Inclusion
References
- http://securityreason.com/securityalert/2039
- http://securityreason.com/securityalert/2039
- http://www.securityfocus.com/archive/1/448603/100/0/threaded
- http://www.securityfocus.com/archive/1/448603/100/0/threaded
- http://www.securityfocus.com/bid/20512
- http://www.securityfocus.com/bid/20512
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29585
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29585