CVE-2006-5304

PHP remote file inclusion vulnerability in inc/settings.php in IncCMS Core 1.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the inc_dir parameter.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2006-10-17 11:07:00.000-04
Last Modified2017-10-18 09:29:32.000-04

Vulnerable Software List

VendorProductVersions
Inccms Technology Inccms Core 1.0.0

References

SourceLink
MISChttp://www.rahim.webd.pl/exploity/Exploits/100.txt
BID20531
VUPENADV-2006-4046
XFinccms-settings-file-include(29567)
EXPLOIT-DB2557