CVE-2006-2726
published 2006-06-01CVE-2006-2726: PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d allows remote attackers to include arbitrary files via the config[fsBase] parameter in (1)…
PriorityP350high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
19.49%
97.0th percentile
PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d allows remote attackers to include arbitrary files via the config[fsBase] parameter in (1) drucken.php, (2) drucken2.php, (3) email_an_benutzer.php, (4) rechnung.php, (5) suche/search.php and (6) adminbereich/admin.php.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fastpublish | fastpublish_cms | — | — |
| fastpublish | fastpublish_cms | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-cj6m-mjp7-2565: PHP remote file inclusion vulnerability in adminbereich/designconfig
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2007-6325 [HIGH] CWE-20 GHSA-cj6m-mjp7-2565: PHP remote file inclusion vulnerability in adminbereich/designconfig
PHP remote file inclusion vulnerability in adminbereich/designconfig.php in Fastpublish CMS 1.9999 allows remote attackers to execute arbitrary PHP code via a URL in the config[fsBase] parameter, a different vector than CVE-2006-2726.
GHSA
GHSA-mvff-38pr-c6jv: PHP remote file inclusion vulnerability in Fastpublish CMS 1
ghsa_unreviewed·2022-05-01
CVE-2006-2726 [HIGH] GHSA-mvff-38pr-c6jv: PHP remote file inclusion vulnerability in Fastpublish CMS 1
PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d allows remote attackers to include arbitrary files via the config[fsBase] parameter in (1) drucken.php, (2) drucken2.php, (3) email_an_benutzer.php, (4) rechnung.php, (5) suche/search.php and (6) adminbereich/admin.php.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/20346http://www.osvdb.org/26157http://www.osvdb.org/26158http://www.osvdb.org/26159http://www.osvdb.org/26160http://www.osvdb.org/26161http://www.osvdb.org/26162http://www.securityfocus.com/bid/18163http://www.vupen.com/english/advisories/2006/2043https://exchange.xforce.ibmcloud.com/vulnerabilities/26897https://www.exploit-db.com/exploits/1848http://secunia.com/advisories/20346http://www.osvdb.org/26157http://www.osvdb.org/26158http://www.osvdb.org/26159http://www.osvdb.org/26160http://www.osvdb.org/26161http://www.osvdb.org/26162http://www.securityfocus.com/bid/18163http://www.vupen.com/english/advisories/2006/2043https://exchange.xforce.ibmcloud.com/vulnerabilities/26897https://www.exploit-db.com/exploits/1848
2006-06-01
Published