Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-2568. PoCs published by V4mu.
AI-analyzed exploit summary This exploit leverages a remote file inclusion vulnerability in UBB.threads >= 6.4.x by manipulating the 'thispath' parameter in 'addpost_newpoll.php' to include and execute arbitrary remote files. The example demonstrates command execution via a remote 'cmd.gif' file.
Description
PHP remote file inclusion vulnerability in addpost_newpoll.php in UBB.threads 6.4 through 6.5.2 and 6.5.1.1 (trial) allows remote attackers to execute arbitrary PHP code via a URL in the thispath parameter.
Exploits (1)
This exploit leverages a remote file inclusion vulnerability in UBB.threads >= 6.4.x by manipulating the 'thispath' parameter in 'addpost_newpoll.php' to include and execute arbitrary remote files. The example demonstrates command execution via a remote 'cmd.gif' file.