Published: 06/06/2006 Updated: 18/10/2018

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

VMScore: 645

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

PHP remote file inclusion vulnerability in Webspotblogging 3.0.1 allows remote malicious users to execute arbitrary PHP code via a URL in the path parameter to (1) inc/logincheck.inc.php, (2) inc/adminheader.inc.php, (3) inc/global.php, or (4) inc/mainheader.inc.php. NOTE: some of these vectors were also reported for 3.0 in a separate disclosure.

Vulnerable Product	Search on Vulmon	Subscribe to Product
webspot webspotblogging 3.0
webspot webspotblogging 3.0.1

$$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$ $$ $$ Webspotblogging 301 (path) <= Remote File Include Vulnerability $$ Script site: bloggingwebspotcouk/ $$ dork: Powered by WebspotBlogging $$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$ $$ Find by: Kacper (aka Rahim) $$ $$ Con ...

CWE-94 http://www.securityfocus.com/bid/18260 http://secunia.com/advisories/20439 http://www.osvdb.org/25992 http://www.osvdb.org/25993 http://www.osvdb.org/25994 http://www.osvdb.org/25995 http://arfis.wordpress.com/2007/09/14/rfi-02-webspotblogging/http://www.vupen.com/english/advisories/2006/2127 https://exchange.xforce.ibmcloud.com/vulnerabilities/26910 https://www.exploit-db.com/exploits/1871 http://www.securityfocus.com/archive/1/447576/100/200/threaded http://www.securityfocus.com/archive/1/447001/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/1871/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-2860

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect