Published: 09/08/2006 Updated: 17/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

PHP remote file inclusion vulnerability in SAPID CMS 123 rc3 allows remote malicious users to execute arbitrary PHP code via a URL in the (1) root_path parameter in usr/extensions/get_infochannel.inc.php and the (2) GLOBALS["root_path"] parameter in usr/extensions/get_tree.inc.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redgraphic sapid cms 1.2.3

$$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$ $$ $$ SAPID CMS <= v 12305 (root_path) Remote File Include Vulnerability $$ Script site: sapidsourceforgenet/ $$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$ $$ Find by: Kacper (aka Rahim) $$ $$ Contact: kacper1964@yahoopl or ...

CWE-94 http://www.securityfocus.com/bid/19383 http://secunia.com/advisories/21410 http://securitytracker.com/id?1016650 http://securityreason.com/securityalert/1346 http://www.vupen.com/english/advisories/2006/3191 https://exchange.xforce.ibmcloud.com/vulnerabilities/28250 https://www.exploit-db.com/exploits/2128 http://www.securityfocus.com/archive/1/442425/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/2128/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-4026

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect