CVE-2006-2685

Exploitation Summary

EIP tracks 4 public exploits for CVE-2006-2685. PoCs published by Metasploit, MC, str0ke, including Metasploit module exploits/unix/webapp/base_qry_common.

AI-analyzed exploit summary This Metasploit module exploits a remote file inclusion vulnerability in BASE 1.2.4 and earlier via the base_qry_common.php file. It allows an attacker to include a remote PHP file, potentially leading to remote code execution.

Description

PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_stat_common.php, and (3) includes/base_include.inc.php.

Exploits (4)

exploitdb WORKING POC VERIFIED

by Metasploit · rubywebappsphp

https://www.exploit-db.com/exploits/16897

View Code ZIP pw:eip

This Metasploit module exploits a remote file inclusion vulnerability in BASE 1.2.4 and earlier via the base_qry_common.php file. It allows an attacker to include a remote PHP file, potentially leading to remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: BASE (Basic Analysis and Security Engine) <= 1.2.4

No auth needed

Prerequisites: Network access to the target · PHP include functionality enabled on the target server

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by MC · rubywebappsphp

https://www.exploit-db.com/exploits/9908

View Code ZIP pw:eip

This is a Metasploit module exploiting a remote file inclusion vulnerability in BASE 1.2.4 and earlier via the base_qry_common.php file. It allows remote code execution by injecting a malicious PHP include path.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: BASE (Basic Analysis and Security Engine) <= 1.2.4

No auth needed

Prerequisites: Network access to the target · PHP include functionality enabled on the server

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by str0ke · textwebappsphp

https://www.exploit-db.com/exploits/1823

View Code ZIP pw:eip

This exploit demonstrates a local file inclusion (LFI) vulnerability in Basic Analysis and Security Engine (BASE) <= 1.2.4, allowing remote attackers to include arbitrary files via the BASE_path parameter in multiple scripts.

Classification

Working Poc 90%

Attack Type

Lfi

Complexity

Trivial

Reliability

Reliable

Target: Basic Analysis and Security Engine (BASE) <= 1.2.4

No auth needed

Prerequisites: Access to the vulnerable BASE web interface

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

by MC · rubypocphp

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/base_qry_common.rb

View Code ZIP pw:eip

This Metasploit module exploits a remote file inclusion vulnerability in BASE 1.2.4 and earlier via the base_qry_common.php file. It allows an attacker to include a remote PHP file by manipulating the BASE_path parameter.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: BASE 1.2.4 and earlier

No auth needed

Prerequisites: Network access to the target · PHP include functionality enabled on the target server

MITRE ATT&CK