CVE-2006-1031

iGENUS Webmail <= 2.02 - Remote File Inclusion via SG_HOME Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1031. PoCs published by rgod.

AI-analyzed exploit summary This exploit targets a remote command execution vulnerability in iGENUS WebMail <= 2.0.2 by leveraging PHP's register_globals and allow_url_fopen settings to include a malicious PHP script from an FTP location. The script then executes arbitrary commands passed via the cmd parameter.

Description

config/config_inc.php in iGENUS Webmail 2.02 and earlier allows remote attackers to include arbitrary local files via the SG_HOME parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · perlwebappsphp

https://www.exploit-db.com/exploits/1527

View Code ZIP pw:eip

This exploit targets a remote command execution vulnerability in iGENUS WebMail <= 2.0.2 by leveraging PHP's register_globals and allow_url_fopen settings to include a malicious PHP script from an FTP location. The script then executes arbitrary commands passed via the cmd parameter.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: iGENUS WebMail <= 2.0.2

No auth needed

Prerequisites: PHP5 with register_globals = On · allow_url_fopen = On · Access to an FTP server hosting the malicious PHP script

MITRE ATT&CK