← back
CVE-2006-5089

CVE-2006-5089

EPSS 2.1%
PHP remote file inclusion vulnerability in mybic_server.php in Jim Plush My-BIC 0.6.5 allows remote attackers to execute arbitrary PHP code via a URL in the file parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. CVE disputes this vulnerability because the file variable is defined before use in a way that prevents arbitrary inclusion
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/28686unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://sourceforge.net/project/downloading.php?group_id=164457&filename=mybic_0_6_5.ziphttp://www.securityfocus.com/bid/20208