← back
CVE-2006-5085

CVE-2006-5085

EPSS 44.7%
Static code injection vulnerability in config.php in Blog Pixel Motion 2.1.1 allows remote attackers to execute arbitrary PHP code via the nom_blog parameter, which is injected into include/variables.php.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/2441unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://acid-root.new.fr/poc/12060927.txthttp://secunia.com/advisories/22163http://securityreason.com/securityalert/1653https://exchange.xforce.ibmcloud.com/vulnerabilities/29217http://www.securityfocus.com/archive/1/447167/100/0/threadedhttp://www.securityfocus.com/bid/20235