Vulnerabilities > CVE-2006-7128 - Remote File Include vulnerability in Salims Softhouse JAF CMS 4.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
salims-softhouse
exploit available

Summary

PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 RC1 allows remote attackers to execute arbitrary PHP code via a URL in the website parameter.

Vulnerable Configurations

Part Description Count
Application
Salims_Softhouse
1

Exploit-Db

  • descriptionJAF CMS <= 4.0 RC1 (forum.php) Remote File Include Exploit. CVE-2006-7128,CVE-2008-1609. Webapps exploit for php platform
    fileexploits/php/webapps/2469.pl
    idEDB-ID:2469
    last seen2016-01-31
    modified2006-10-03
    platformphp
    port
    published2006-10-03
    reporterKacper
    sourcehttps://www.exploit-db.com/download/2469/
    titleJAF CMS <= 4.0 RC1 forum.php Remote File Include Exploit
    typewebapps
  • descriptionJAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities. CVE-2006-7127,CVE-2006-7128,CVE-2008-1609. Webapps exploit for php platform
    fileexploits/php/webapps/5317.txt
    idEDB-ID:5317
    last seen2016-01-31
    modified2008-03-26
    platformphp
    port
    published2008-03-26
    reporterCraCkEr
    sourcehttps://www.exploit-db.com/download/5317/
    titleJAF-CMS 4.0 RC2 - Multiple Remote File Inclusion Vulnerabilities
    typewebapps