CVE-2006-0076

oaBoard 1.0 - Remote Code Execution

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0076. PoCs published by Aliaksandr Hartsuyeu.

AI-analyzed exploit summary The exploit describes a remote file inclusion vulnerability in oaBoard, allowing arbitrary PHP code execution by manipulating the 'inc' parameter in forum.php. No actual exploit code is provided, only a description and example URL.

Description

PHP remote file include vulnerability in forum.php in oaBoard 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Aliaksandr Hartsuyeu · textwebappsphp

https://www.exploit-db.com/exploits/26998

View Code ZIP pw:eip

The exploit describes a remote file inclusion vulnerability in oaBoard, allowing arbitrary PHP code execution by manipulating the 'inc' parameter in forum.php. No actual exploit code is provided, only a description and example URL.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: oaBoard (version not specified)

No auth needed

Prerequisites: Remote PHP file hosting · Target application with vulnerable 'inc' parameter

MITRE ATT&CK