Vulnerabilities > CVE-2006-7120 - Unspecified vulnerability in OSU Open Source LAB Maintain 3.0.0Rc2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN osu-open-source-lab
exploit available
Summary
PHP remote file inclusion vulnerability in lib/php/phphtmllib-2.5.4/examples/example6.php for maintain 3.0.0-RC2 allows remote attackers to execute arbitrary PHP code via a URL in the phphtmllib parameter. NOTE: this issue might be in phpHtmlLib. NOTE: CVE disputes this issue for proper installations of maintain, since $phphtmllib is set in includes.inc before being used in example6.php
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Maintain 3.0.0-RC2 Example6.PHP Remote File Include Vulnerability. CVE-2006-7120. Webapps exploit for php platform |
| id | EDB-ID:28821 |
| last seen | 2016-02-03 |
| modified | 2006-10-16 |
| published | 2006-10-16 |
| reporter | ERNE |
| source | https://www.exploit-db.com/download/28821/ |
| title | Maintain 3.0.0-RC2 Example6.PHP Remote File Include Vulnerability |
References
- http://securityreason.com/securityalert/2359
- http://www.securityfocus.com/archive/1/448780/100/0/threaded
- http://www.securityfocus.com/bid/20560
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29596
- http://securityreason.com/securityalert/2359
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29596
- http://www.securityfocus.com/bid/20560
- http://www.securityfocus.com/archive/1/448780/100/0/threaded