CVE-2006-1777

simplog < 0.9.2 - Remote File Inclusion via Directory Traversal in s Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1777. PoCs published by rgod.

AI-analyzed exploit summary This exploit leverages a file inclusion vulnerability in Simplog <= 0.9.2 by injecting a remote URL via the 's' parameter, leading to remote command execution. The script sends a crafted HTTP request with the malicious payload embedded in cookies.

Description

Directory traversal vulnerability in doc/index.php in Jeremy Ashcraft Simplog 0.9.2 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the s parameter, as demonstrated by injecting PHP sequences into an Apache error_log file, which is then included by doc/index.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · phpwebappsphp

https://www.exploit-db.com/exploits/1663

View Code ZIP pw:eip

This exploit leverages a file inclusion vulnerability in Simplog <= 0.9.2 by injecting a remote URL via the 's' parameter, leading to remote command execution. The script sends a crafted HTTP request with the malicious payload embedded in cookies.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Simplog <= 0.9.2

No auth needed

Prerequisites: allow_url_fopen enabled on the target server · remote server hosting the malicious PHP code

MITRE ATT&CK