← back
CVE-2006-0659

CVE-2006-0659

EPSS 4.0%
Multiple PHP remote file include vulnerabilities in RunCMS 1.2 and earlier, with register_globals and allow_url_fopen enabled, allow remote attackers to execute arbitrary code via the bbPath[path] parameter in (1) class.forumposts.php and (2) forumpollrenderer.php.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/1485unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://retrogod.altervista.org/runcms_13a_xpl.htmlhttp://secunia.com/advisories/18800http://www.securityfocus.com/archive/1/424708http://www.securityfocus.com/bid/16578http://www.vupen.com/english/advisories/2006/0503