CVE-2006-0725
CVE-2006-0725
PHP remote file inclusion vulnerability in prepend.php in Plume CMS 1.0.2, when register_globals is enabled, allows remote attackers to include arbitrary files via a URL in the _PX_config[manager_path] parameter. NOTE: this is a different executable and affected version than CVE-2006-2645.
Productos afectados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/1832no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://plume-cms.net/news/77-Security-Notice-Please-Update-Your-Prependphp-Filehttp://secunia.com/advisories/18883http://securitytracker.com/id?1015624https://exchange.xforce.ibmcloud.com/vulnerabilities/24697https://exchange.xforce.ibmcloud.com/vulnerabilities/27699http://www.osvdb.org/23204http://www.securityfocus.com/bid/16662http://www.vupen.com/english/advisories/2006/0599