CVE-2005-1526
Cacti < 0.8.6e - Remote Code Execution via config[include_path] Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-1526. PoCs published by Maciej Piotr Falkiewicz.
AI-analyzed exploit summary This exploit demonstrates a remote file inclusion vulnerability in RaXnet Cacti by manipulating the 'config[include_path]' parameter in 'config_settings.php' to include and execute arbitrary remote scripts. The attack leverages improper input validation to achieve remote code execution.
Description
PHP remote file inclusion vulnerability in config_settings.php in Cacti before 0.8.6e allows remote attackers to execute arbitrary PHP code via the config[include_path] parameter.
Exploits (1)
This exploit demonstrates a remote file inclusion vulnerability in RaXnet Cacti by manipulating the 'config[include_path]' parameter in 'config_settings.php' to include and execute arbitrary remote scripts. The attack leverages improper input validation to achieve remote code execution.