Vulnerabilities > CVE-2006-6774 - Remote File Include vulnerability in Ciberia Content Federator 1.0

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
ciberia
exploit available

Summary

PHP remote file inclusion vulnerability in socios/maquetacion_socio.php (members/maquetacion_member.php) in Ciberia Content Federator 1.0 allows remote attackers to execute arbitrary PHP code via the path parameter. NOTE: some of these details are obtained from third party information. Successful exploitation requires that "register_globals" is enabled.

Vulnerable Configurations

Part Description Count
Application
Ciberia
1

Exploit-Db

descriptionCiberia Content Federator <= 1.0.1 (path) Remote File Include Exploit. CVE-2006-6774. Webapps exploit for php platform
fileexploits/php/webapps/3008.pl
idEDB-ID:3008
last seen2016-01-31
modified2006-12-25
platformphp
port
published2006-12-25
reporterDeltahackingTEAM
sourcehttps://www.exploit-db.com/download/3008/
titleCiberia Content Federator <= 1.0.1 path Remote File Include Exploit
typewebapps