Vulnerabilities > CVE-2006-7052 - Remote File Include vulnerability in Keith Reichley Dotwidget for Articles 0.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple PHP remote file inclusion vulnerabilities in DotWidget For Articles (dotwidgeta) 0.2 allow remote attackers to execute arbitrary code via a URL in the (1) file_path parameter to (a) index.php, (b) showcatpicks.php, and (c) showarticle.php; and the (2) admin_header_file and (3) admin_footer_file parameters to (d) admin/authors.php, (e) admin/index.php, (f) admin/categories.php, (g) admin/editconfig.php, and (h) admin/articles.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description dotWidget for articles 2.0 showarticle.php file_path Parameter Remote File Inclusion. CVE-2006-7052. Webapps exploit for php platform id EDB-ID:28040 last seen 2016-02-03 modified 2006-06-03 published 2006-06-03 reporter SwEET-DeViL source https://www.exploit-db.com/download/28040/ title dotWidget for articles 2.0 showarticle.php file_path Parameter Remote File Inclusion description dotWidget for articles 2.0 admin/index.php Multiple Parameter Remote File Inclusion. CVE-2006-7052. Webapps exploit for php platform id EDB-ID:28043 last seen 2016-02-03 modified 2006-06-03 published 2006-06-03 reporter SwEET-DeViL source https://www.exploit-db.com/download/28043/ title dotWidget for articles 2.0 admin/index.php Multiple Parameter Remote File Inclusion description dotWidget for articles 2.0 admin/authors.php Multiple Parameter Remote File Inclusion. CVE-2006-7052 . Webapps exploit for php platform id EDB-ID:28041 last seen 2016-02-03 modified 2006-06-03 published 2006-06-03 reporter SwEET-DeViL source https://www.exploit-db.com/download/28041/ title dotWidget for articles 2.0 admin/authors.php Multiple Parameter Remote File Inclusion description dotWidget for articles 2.0 admin/articles.php Multiple Parameter Remote File Inclusion. CVE-2006-7052. Webapps exploit for php platform id EDB-ID:28042 last seen 2016-02-03 modified 2006-06-03 published 2006-06-03 reporter SwEET-DeViL source https://www.exploit-db.com/download/28042/ title dotWidget for articles 2.0 admin/articles.php Multiple Parameter Remote File Inclusion description dotWidget for articles 2.0 showcatpicks.php file_path Parameter Remote File Inclusion. CVE-2006-7052. Webapps exploit for php platform id EDB-ID:28039 last seen 2016-02-03 modified 2006-06-03 published 2006-06-03 reporter SwEET-DeViL source https://www.exploit-db.com/download/28039/ title dotWidget for articles 2.0 showcatpicks.php file_path Parameter Remote File Inclusion description dotWidget for articles 2.0 admin/categories.php Multiple Parameter Remote File Inclusion. CVE-2006-7052. Webapps exploit for php platform id EDB-ID:28045 last seen 2016-02-03 modified 2006-06-03 published 2006-06-03 reporter SwEET-DeViL source https://www.exploit-db.com/download/28045/ title dotWidget for articles 2.0 admin/categories.php Multiple Parameter Remote File Inclusion description dotWidget for articles 2.0 admin/editconfig.php Multiple Parameter Remote File Inclusion. CVE-2006-7052. Webapps exploit for php platform id EDB-ID:28046 last seen 2016-02-03 modified 2006-06-03 published 2006-06-03 reporter SwEET-DeViL source https://www.exploit-db.com/download/28046/ title dotWidget for articles 2.0 admin/editconfig.php Multiple Parameter Remote File Inclusion