Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.1
CVSSv2

CVE-2006-1610

Published: 04/04/2006 Updated: 18/10/2018
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
VMScore: 515
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Summary

PHP remote file inclusion vulnerability in lib/armygame.php in SQuery 4.5 and previous versions, as used in products such as Autonomous LAN party (ALP), allows remote malicious users to execute arbitrary PHP code via a URL in the libpath parameter. NOTE: this only occurs when register_globals is disabled.

Vulnerable Product Search on Vulmon Subscribe to Product

squery squery

Exploits

Exploit DB: SQuery 4.5 - 'libpath' Remote File Inclusion
#!/usr/bin/perl ## # SQuery <= 45 Remote File Inclusion Exploit # Bug Found By uid0 code by zod ## # (c) 2006 # ExploiterCodecom ## # usage: # perl squerypl <location of SQuery> <cmd shell location> <cmd shell variable> # # perl squerypl sitecom/SQuery/ sitecom/cmdtxt cmd # # cmd shell example: <?passth ...

References

CWE-94http://secunia.com/advisories/19482http://www.osvdb.org/24400http://www.securityfocus.com/bid/17434http://www.vupen.com/english/advisories/2006/1204https://exchange.xforce.ibmcloud.com/vulnerabilities/25605https://www.exploit-db.com/exploits/1629http://www.securityfocus.com/archive/1/429611/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/1629/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710arbitrary CVE-2024-5272CVE-2024-2961brute forceremoteCVE-2024-32944CVE-2024-36241CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook