CVE-2006-4649
Published 2006-09-08
CVE-2006-4649: PHP remote file inclusion vulnerability in bp_news.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL…
Priority: P3 45 | Severity: high | CVSS 2.0 base score: 7.5 (vector AV:N/AC:L/Au:N/C:P/I:P/A:P)
EXPLOIT
EPSS: 2.38% (81.8th percentile)
PHP remote file inclusion vulnerability in bp_news.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bingo_news | bingo_news | <= 3.01 | — |
| bingo_news | bingo_news | — | — |
GHSA
GHSA-v639-x6q2-c892: PHP remote file inclusion vulnerability in bp_news
ghsa_unreviewed · 2022-05-01 · CVE-2006-4649 · HIGH · CWE-94
PHP remote file inclusion vulnerability in bp_news.php in BinGo News (BP News) 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter.
GHSA
GHSA-fcf2-f3gq-w5jr: PHP remote file inclusion vulnerability in bn_smrep1
ghsa_unreviewed · 2022-05-01 · CVE-2007-0145 · HIGH · CVSS 7.5
PHP remote file inclusion vulnerability in bn_smrep1.php in BinGoPHP News (BP News) 3.01 allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter, a different vector than CVE-2006-4648 and CVE-2006-4649.
No detection rules found.
Exploit-DB
Elxis CMS 2008.1 - PHPSESSID Variable Session Fixation
exploitdb · 2008-10-14 · CVE-2008-4649
---
source: https://www.securityfocus.com/bid/31764/info
Elxis CMS is prone to multiple cross-site scripting and session-fixation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The application is also prone to a session-fixation vulnerability.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
Using the session-fixation issue, the attacker can hijack the session and gain unauthorized access to the affected application.
Elxis CMS 2006.1 is vulnerable; other versions may also be affected.
http://www.si
Exploit-DB
BinGo News 3.01 - 'bnrep' Remote File Inclusion
exploitdb · 2006-09-06 · CVE-2006-4649
---
#==============================================================================================
#BinGo News <= v3.01 (bnrep) Remote File Inclusion Exploit
#===============================================================================================
#
#Critical Level : Dangerous
#
#Vendor site : http://bingophp.free.fr/BinGoPHPnewslast_full.zip
#
#Version : v3.01
#
#================================================================================================
#
#Dork : ""Script réalisé par BinGo PHP""
#
#================================================================================================
#Bug in : bp_ncom.php
#
#Vulnerable code :
#--------------------------------
# include $bnrep."bn_configs.php";
#
#==========================
No writeups or analysis indexed.
Published: 2006-09-08