Vulnerabilities > CVE-2006-6756 - Remote Security vulnerability in Ixprim CMS 1.2

047910
CVSS 5.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
high complexity
ixprim
exploit available

Summary

The code function in install.fct.php in Ixprim 1.2 produces a guessable value of the confidential IXP_CODE in mainfile.php, which might allow remote attackers to gain access to the administration panel via a brute force attack.

Vulnerable Configurations

Part Description Count
Application
Ixprim
1

Exploit-Db

descriptionIxprim CMS 1.2 Remote Blind SQL Injection Exploit. CVE-2006-6755,CVE-2006-6756. Webapps exploit for php platform
fileexploits/php/webapps/2975.pl
idEDB-ID:2975
last seen2016-01-31
modified2006-12-21
platformphp
port
published2006-12-21
reporterDarkFig
sourcehttps://www.exploit-db.com/download/2975/
titleIxprim CMS 1.2 - Remote Blind SQL Injection Exploit
typewebapps