Published: 25/05/2006 Updated: 18/10/2018

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

VMScore: 515

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

PHP remote file inclusion vulnerability in nucleus/libs/PLUGINADMIN.php in Nucleus 3.22 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[DIR_LIBS] parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nucleus group nucleus cms

#!/usr/bin/php -q -d short_open_tag=on <? echo "Nucleus <= 322 arbitrary remote inclusion exploit\r\n"; echo "by rgod rgod@autisticiorg\r\n"; echo "site: retrogodaltervistaorg\r\n\r\n"; echo "this is called the \"deadly eyes of Sun-tzu\"\r\n"; echo "dork: Copyright Nucleus CMS v322 Valid XHTML 10 Strict Valid CSS Back to ...

NVD-CWE-Other http://retrogod.altervista.org/nucleus_322_incl_xpl.html http://www.nucleuscms.org/item/3038 http://forum.nucleuscms.org/viewtopic.php?t=12304 http://secunia.com/advisories/20219 http://www.securityfocus.com/bid/18097 http://securitytracker.com/id?1016146 http://www.osvdb.org/25749 http://securityreason.com/securityalert/951 http://www.vupen.com/english/advisories/2006/1936 https://exchange.xforce.ibmcloud.com/vulnerabilities/26606 http://www.securityfocus.com/archive/1/434837/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/1816/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-2583

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect