Vulnerabilities > CVE-2006-7052 - Unspecified vulnerability in Keith Reichley Dotwidget for Articles 0.2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN keith-reichley
exploit available
Summary
Multiple PHP remote file inclusion vulnerabilities in DotWidget For Articles (dotwidgeta) 0.2 allow remote attackers to execute arbitrary code via a URL in the (1) file_path parameter to (a) index.php, (b) showcatpicks.php, and (c) showarticle.php; and the (2) admin_header_file and (3) admin_footer_file parameters to (d) admin/authors.php, (e) admin/index.php, (f) admin/categories.php, (g) admin/editconfig.php, and (h) admin/articles.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description dotWidget for articles 2.0 showarticle.php file_path Parameter Remote File Inclusion. CVE-2006-7052. Webapps exploit for php platform id EDB-ID:28040 last seen 2016-02-03 modified 2006-06-03 published 2006-06-03 reporter SwEET-DeViL source https://www.exploit-db.com/download/28040/ title dotWidget for articles 2.0 showarticle.php file_path Parameter Remote File Inclusion description dotWidget for articles 2.0 admin/index.php Multiple Parameter Remote File Inclusion. CVE-2006-7052. Webapps exploit for php platform id EDB-ID:28043 last seen 2016-02-03 modified 2006-06-03 published 2006-06-03 reporter SwEET-DeViL source https://www.exploit-db.com/download/28043/ title dotWidget for articles 2.0 admin/index.php Multiple Parameter Remote File Inclusion description dotWidget for articles 2.0 admin/authors.php Multiple Parameter Remote File Inclusion. CVE-2006-7052 . Webapps exploit for php platform id EDB-ID:28041 last seen 2016-02-03 modified 2006-06-03 published 2006-06-03 reporter SwEET-DeViL source https://www.exploit-db.com/download/28041/ title dotWidget for articles 2.0 admin/authors.php Multiple Parameter Remote File Inclusion description dotWidget for articles 2.0 admin/articles.php Multiple Parameter Remote File Inclusion. CVE-2006-7052. Webapps exploit for php platform id EDB-ID:28042 last seen 2016-02-03 modified 2006-06-03 published 2006-06-03 reporter SwEET-DeViL source https://www.exploit-db.com/download/28042/ title dotWidget for articles 2.0 admin/articles.php Multiple Parameter Remote File Inclusion description dotWidget for articles 2.0 showcatpicks.php file_path Parameter Remote File Inclusion. CVE-2006-7052. Webapps exploit for php platform id EDB-ID:28039 last seen 2016-02-03 modified 2006-06-03 published 2006-06-03 reporter SwEET-DeViL source https://www.exploit-db.com/download/28039/ title dotWidget for articles 2.0 showcatpicks.php file_path Parameter Remote File Inclusion description dotWidget for articles 2.0 admin/categories.php Multiple Parameter Remote File Inclusion. CVE-2006-7052. Webapps exploit for php platform id EDB-ID:28045 last seen 2016-02-03 modified 2006-06-03 published 2006-06-03 reporter SwEET-DeViL source https://www.exploit-db.com/download/28045/ title dotWidget for articles 2.0 admin/categories.php Multiple Parameter Remote File Inclusion description dotWidget for articles 2.0 admin/editconfig.php Multiple Parameter Remote File Inclusion. CVE-2006-7052. Webapps exploit for php platform id EDB-ID:28046 last seen 2016-02-03 modified 2006-06-03 published 2006-06-03 reporter SwEET-DeViL source https://www.exploit-db.com/download/28046/ title dotWidget for articles 2.0 admin/editconfig.php Multiple Parameter Remote File Inclusion
References
- http://securityreason.com/securityalert/2308
- http://www.securityfocus.com/archive/1/437483
- http://www.securityfocus.com/bid/18479
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27327
- http://securityreason.com/securityalert/2308
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27327
- http://www.securityfocus.com/bid/18479
- http://www.securityfocus.com/archive/1/437483