CVE-2006-2424
ezusermanager 1.6 - Remote File Inclusion via ezUserManager_Path Parameter
Title source: manual
Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-2424. PoCs published by OLiBekaS.
AI-analyzed exploit summary
This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in ezUserManager <= v1.6. The attacker can include a remote file containing malicious code via the 'ezUserManager_Path' parameter, leading to arbitrary command execution.
Description
PHP remote file inclusion vulnerability in ezUserManager 1.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the ezUserManager_Path parameter to ezusermanager_pwd_forgott.php, possibly due to an issue in ezusermanager_core.inc.php.