Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-2330.
AI-analyzed exploit summary
This exploit demonstrates an arbitrary file upload vulnerability in PHP-Fusion <= v6.00.306, leveraging mod_mime misconfiguration to execute PHP code via malicious avatar uploads, followed by local file inclusion to achieve remote command execution.
Description
PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types by using a filename that contains two or more extensions and ends in an assumed-valid extension such as .gif. This bypasses the validation, as demonstrated by uploading and then executing an avatar file whose name ends in ".php.gif" and that contains PHP code in EXIF metadata.
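The validation gap described above, shown next to a stricter check, as an added example that is not PHP-Fusion's own code. The function names, the allow-list and the sample filenames are assumptions made for illustration.

```php
<?php
// Added example: hypothetical helper names, not taken from PHP-Fusion.
const ALLOWED_EXT = ['gif', 'jpg', 'png'];

// Weak check: inspects only the final extension, so a name ending in
// ".php.gif" is accepted. Apache mod_mime can map any extension in a
// multi-extension name to a handler, so the ".php" part still matters.
function last_extension_ok(string $name): bool
{
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    return in_array($ext, ALLOWED_EXT, true);
}

// Stricter check: a conservative base name and exactly one allow-listed
// extension, so no second dot-separated segment can appear.
function strict_name_ok(string $name): bool
{
    return preg_match('/\A[A-Za-z0-9_-]{1,64}\.(gif|jpg|png)\z/i', $name) === 1;
}

// Store the avatar under a server-generated name whose extension comes from
// the decoded image type, never from the client. A file that decodes as a
// valid image can still carry PHP text in its metadata, so the stored name
// must not be one the web server would hand to the PHP handler.
function stored_name(string $tmpPath): ?string
{
    $map = [IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png'];
    $info = @getimagesize($tmpPath);
    if ($info === false || !isset($map[$info[2]])) {
        return null; // not a decodable image of an allowed type
    }
    return bin2hex(random_bytes(16)) . '.' . $map[$info[2]];
}

// Constructed sample filenames.
foreach (['me.gif', 'avatar.php.gif', 'a.PHP.jpg', 'x.gif.php'] as $n) {
    printf(
        "%-16s last-ext=%-6s strict=%s\n",
        $n,
        last_extension_ok($n) ? 'accept' : 'reject',
        strict_name_ok($n) ? 'accept' : 'reject'
    );
}
```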