CVE-2006-5259

PHP remote file inclusion vulnerability in param_editor.php in Compteur 2 allows remote attackers to execute arbitrary PHP code via a URL in the folder parameter.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2006-10-12 06:07:00.000-04
Last Modified2017-10-18 09:29:31.000-04

Vulnerable Software List

VendorProductVersions
Compteur Compteur 2

References

SourceLink
MISChttp://acid-root.new.fr/poc/13061007.txt
BUGTRAQ20061007 7 php scripts File Inclusion / Source disclosure Vuln
BID20432
VUPENADV-2006-3997
XFcompteur-param-file-include(29425)
EXPLOIT-DB2503