CVE-2006-1162

Nodez 4.6.1.1 - Directory Traversal via op Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1162.

AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in Nodez CMS, including arbitrary local file inclusion via null byte injection and admin authentication bypass by crafting a custom password hash. It allows command execution through log file poisoning and session hijacking.

Description

Directory traversal vulnerability in Nodez 4.6.1.1 and earlier allows remote attackers to read or include arbitrary PHP files via a .. (dot dot) in the op parameter, as demonstrated by inserting malicious Email parameters into list.gtdat, then accessing list.gtdat using the op parameter.

Exploits (1)

exploitdb WORKING POC

phpwebappsphp

https://www.exploit-db.com/exploits/1588

View Code ZIP pw:eip

This exploit demonstrates multiple vulnerabilities in Nodez CMS, including arbitrary local file inclusion via null byte injection and admin authentication bypass by crafting a custom password hash. It allows command execution through log file poisoning and session hijacking.

Classification

Working Poc 95%

Attack Type

Rce | Auth Bypass | Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Nodez CMS 4.6.1.1 (and possibly prior versions)

No auth needed

Prerequisites: Access to the target web server · PHP with short_open_tag=on for some methods

MITRE ATT&CK