CVE-2006-7128
published 2007-03-06CVE-2006-7128: PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 RC1 allows remote attackers to execute arbitrary PHP code via a URL in the website…
PriorityP346high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
7.38%
93.7th percentile
PHP remote file inclusion vulnerability in forum/forum.php JAF CMS 4.0 RC1 allows remote attackers to execute arbitrary PHP code via a URL in the website parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| salims_softhouse | jaf_cms | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
JAF CMS 4.0 RC2 - Multiple Remote File Inclusions
exploitdb·2008-03-26
CVE-2008-1609 JAF CMS 4.0 RC2 - Multiple Remote File Inclusions
JAF CMS 4.0 RC2 - Multiple Remote File Inclusions
---
???????????????????????????????????????????????????????????????????????????????
?? C r a C k E r ??
?? T H E C R A C K O F E T E R N A L M I G H T ??
??????????????????????????????????????????????????????????????????????????????
????? From The Ashes and Dust Rises An Unimaginable crack.... ?????
??????????????????????????????????????????????????????????????????????????????
?? [ Remote File Include ] ??
??????????????????????????????????????????????????????????????????????????????
: Author : CraCkEr : : :
? Group : PitBull Crew ? ? ?
? Script : JAF-CMS 4.0 RC2 ? ? Register Globals : ?
? Download : SourceForge.net ? ? ?
? Method : GET ? ? [?] ON [ ] OFF ?
? Critical : High [????????] ? ? ?
? Impact : System access ? ? ?
? ?????????????
Exploit-DB
JAF CMS 4.0 RC1 - 'forum.php' Remote File Inclusion
exploitdb·2006-10-03
CVE-2008-1609 JAF CMS 4.0 RC1 - 'forum.php' Remote File Inclusion
JAF CMS 4.0 RC1 - 'forum.php' Remote File Inclusion
---
#!/usr/bin/perl
#::::::::: :::::::::: ::: ::: ::::::::::: :::
#:+: :+: :+: :+: :+: :+: :+:
#+:+ +:+ +:+ +:+ +:+ +:+ +:+
#+#+ +:+ +#++:++# +#+ +:+ +#+ +#+
#+#+ +#+ +#+ +#+ +#+ +#+ +#+
##+# #+# #+# #+#+#+# #+# #+#
########## ########## ### ########### ##########
#::::::::::: :::::::::: ::: :::: ::::
# :+: :+: :+: :+: +:+:+: :+:+:+
# +:+ +:+ +:+ +:+ +:+ +:+:+ +:+
# +#+ +#++:++# +#++:++#++: +#+ +:+ +#+
# +#+ +#+ +#+ +#+ +#+ +#+
# #+# #+# #+# #+# #+# #+#
# ### ########## ### ### ### ###
#
#
#+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#+
#- - - [DEVIL TEAM THE BEST POLISH TEAM] - -
#+
#+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#+
#- JAF CMS "DEVIL TEAM :: JAF CMS geometry ( '500x300' ) ;
$mw->resizable(0,0);
$mw->Label(-
No writeups or analysis indexed.
http://secunia.com/advisories/22143http://www.rahim.webd.pl/exploity/Exploits/92.txthttp://www.securityfocus.com/bid/20310https://exchange.xforce.ibmcloud.com/vulnerabilities/29322https://www.exploit-db.com/exploits/2469http://secunia.com/advisories/22143http://www.rahim.webd.pl/exploity/Exploits/92.txthttp://www.securityfocus.com/bid/20310https://exchange.xforce.ibmcloud.com/vulnerabilities/29322https://www.exploit-db.com/exploits/2469
2007-03-06
Published