CVE-2006-1348

gCards < 1.45 - Cross-Site Scripting via lang[*][file] Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1348. PoCs published by rgod.

AI-analyzed exploit summary This exploit demonstrates two vulnerabilities in gCards <= 1.45: arbitrary local file inclusion via the 'setLang' parameter and SQL injection for admin authentication bypass. It allows remote command execution by injecting PHP code into log files or bypassing authentication to upload malicious files.

Description

Cross-site scripting (XSS) vulnerability in index.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to inject arbitrary web script or HTML via the lang[*][file] parameter, which is injected into an error message. NOTE: this issue might be resultant from CVE-2006-1346.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · phpwebappsphp

https://www.exploit-db.com/exploits/1595

View Code ZIP pw:eip

This exploit demonstrates two vulnerabilities in gCards <= 1.45: arbitrary local file inclusion via the 'setLang' parameter and SQL injection for admin authentication bypass. It allows remote command execution by injecting PHP code into log files or bypassing authentication to upload malicious files.

Classification

Working Poc 100%

Attack Type

Rce | Sqli | Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: gCards <= 1.45

No auth needed

Prerequisites: Target must have gCards <= 1.45 installed · For action 1: Log files must be writable and accessible via path traversal · For action 2: magic_quotes_gpc must be Off

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1078 - Valid Accounts

devstral-2 · analyzed Feb 18, 2026 Full analysis →