CVE-2006-0206
Published 2006-01-13
CVE-2006-0206: Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and earlier allows remote attackers to execute arbitrary PHP code via the date…
Priority: P3 45 high
CVSS 2.0: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
EXPLOIT
EPSS: 4.18% (89.7th percentile)
Eval injection vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and earlier allows remote attackers to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| light_weight_calendar | light_weight_calendar | — | — |
No detection rules found.
Exploit-DB
D-Link DWL Series Access-Point 2.10na - Config Disclosure
exploitdb·2006-06-08
CVE-2006-2901 D-Link DWL Series Access-Point 2.10na - Config Disclosure
---
# ADVISORY/0206 - D-Link Wireless Access-Point (DWL-2100ap)
# INTRUDERS TIGER TEAM SECURITY - SECURITY ADVISORY
# http://www.intruders.com.br/ , http://www.intruders.org.br/
Making an HTTP request to the /cgi-bin/ directory, the Web server will return error 404 (Page not found).
Making an HTTP request to /cgi-bin/AnyFile.htm, the Web server will return error 404 (Page not found).
However, making an HTTP request to any file in the /cgi-bin/ directory with a .cfg extension will return all the device configuration.
For example, making the following request:
http://dlink-DWL-2100ap/cgi-bin/Intruders.cfg
We would have a result equivalent to the following:
# Copyright (c) 2002 Atheros Communications, Inc., All Rights Reserved
# DO
Exploit-DB
Light Weight Calendar 1.x - 'date' Remote Code Execution
exploitdb·2006-03-09
CVE-2006-1252 Light Weight Calendar 1.x - 'date' Remote Code Execution
---
#!/usr/bin/perl
#
# Light Weight Calendar
# Exploit by Hessam-x (www.hessamx.net)
#
######################################################
# ___ ___ __ #
# / | \_____ ____ | | __ ___________________ #
#/ ~ \__ \ _/ ___\| |/ // __ \_ __ \___ / #
#\ Y // __ \\ \___| __|_ \\___ >__| /_____ \ #
# \/ \/ \/ \/ \/ \/ #
# Iran Hackerz Security Team #
# WebSite: www.hackerz.ir #
# #
######################################################
# Name : Light Weight Calendar #
# version : 1.* #
######################################################
use LWP::Simple;
print "-------------------------------------------\n";
print "= Light Weight Calendar =\n";
print "= By Hessam-x - www.hackerz.ir =\n";
print "--------------------------------------
http://attrition.org/pipermail/vim/2006-March/000612.html
http://evuln.com/vulns/29/exploit.html
http://evuln.com/vulns/29/summary.html
http://secunia.com/advisories/18450
http://www.osvdb.org/22376
http://www.securityfocus.com/archive/1/421920
http://www.securityfocus.com/bid/16229
http://www.vupen.com/english/advisories/2006/0171
https://exchange.xforce.ibmcloud.com/vulnerabilities/24110
Published: 2006-01-13