CVE-2006-0157

Reamday Enterprises Magic News Plus <1.0.3 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0157. PoCs published by cijfer.

AI-analyzed exploit summary This exploit leverages an input validation flaw in Magic News Plus <=1.0.3 to change the admin password by manipulating the 'settings.php' parameters. It requires register_globals to be enabled and sends crafted HTTP requests to bypass authentication checks.

Description

settings.php in Reamday Enterprises Magic News Plus 1.0.3 allows remote attackers to change the administrator password via a change action that specifies identical values for the passwd and admin_password parameters, then declares the new password string in the new_passwd and confirm_passwd parameters.

Exploits (1)

exploitdb WORKING POC VERIFIED

by cijfer · perlwebappsphp

https://www.exploit-db.com/exploits/1410

View Code ZIP pw:eip

This exploit leverages an input validation flaw in Magic News Plus <=1.0.3 to change the admin password by manipulating the 'settings.php' parameters. It requires register_globals to be enabled and sends crafted HTTP requests to bypass authentication checks.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Magic News Plus <=1.0.3

No auth needed

Prerequisites: register_globals enabled · target software installed

MITRE ATT&CK

T1110.001 - Password Guessing

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/18601

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/16182

Exploit x_refsource_misc

http://downloads.securityfocus.com/vulnerabilities/exploits/MagicNewsPlus-pw-change.pl

Scores

EPSS 0.0223

EPSS Percentile 80.4%

Details

Status published

Products (1)

reamday_enterprises/magic_news_plus 1.0.3

Published Jan 10, 2006

Tracked Since Feb 18, 2026