Free Articles Directory Remote File Inclusion Vulnerability Network Vulnerability

Summary

The remote web server contains a PHP application that is affected by a remote file include vulnerability. Description : The remote host is running Free Articles Directory, a CMS written in PHP. The installed version of Free Articles Directory fails to sanitize user input to the 'page' parameter in index.php. An unauthenticated attacker may be able to read arbitrary local files or include a file from a remote host that contains commands which will be executed by the vulnerable script, subject to the privileges of the web server process.

Solution

Unknown at this time.

References

http://archives.neohapsis.com/archives/bugtraq/2006-03/0396.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2006-1350
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Avenger's News System Command Execution
Apache Tomcat /servlet Cross Site Scripting
Baby Gekko CMS Multiple Vulnerabilities
Apache Archiva Multiple Remote Command Execution Vulnerabilities
Apache Struts ClassLoader Manipulation Vulnerabilities

Take action and discover your vulnerabilities