Vulnerabilities > CVE-2006-7091 - Remote File Include vulnerability in Hinton Design PHPht Topsites Free 1.022B

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

hinton-design

exploit available

NVD

Published: 2007-03-02

Updated: 2008-09-05

Summary

PHP remote file inclusion vulnerability in config.php in phpht Topsites FREE 1.022b allows remote attackers to execute arbitrary PHP code via a URL in the fullpath parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part	Description	Count
Application	Hinton_Design Hinton Design Phpht Topsites Free 1.022B	1

Exploit-Db

description	PHP TopSites FREE 1.022b Config.PHP Remote File Include Vulnerability. CVE-2006-7091. Webapps exploit for php platform
id	EDB-ID:28791
last seen	2016-02-03
modified	2006-10-12
published	2006-10-12
reporter	Le CoPrA
source	https://www.exploit-db.com/download/28791/
title	PHP TopSites FREE 1.022b Config.PHP Remote File Include Vulnerability

References

http://www.securityfocus.com/bid/20486