CVE-2006-1702
SPIP 1.8.3 - Remote File Inclusion via spip_login.php3 url Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-1702. PoCs published by cR45H3R.
AI-analyzed exploit summary The code describes a remote file inclusion vulnerability in SPIP due to improper input sanitization in spip_login.php3. An attacker can exploit this by manipulating the 'url' parameter to include and execute arbitrary remote PHP code.
Description
PHP remote file inclusion vulnerability in spip_login.php3 in SPIP 1.8.3 allows remote attackers to execute arbitrary PHP code via a URL in the url parameter.
Exploits (1)
The code describes a remote file inclusion vulnerability in SPIP due to improper input sanitization in spip_login.php3. An attacker can exploit this by manipulating the 'url' parameter to include and execute arbitrary remote PHP code.