CVE-2006-2946

dmx_forum < 2.1a - Unauthenticated Sensitive Information Exposure via Web-Accessible Database Configuration

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-2946.

AI-analyzed exploit summary This Perl script exploits a SQL injection vulnerability in Dmx Forum <= v2.1a by fetching user credentials and database configuration details via crafted HTTP requests. It leverages LWP::Simple to retrieve sensitive information from the target application.

Description

Dmx Forum 2.1a stores _includes/bd.inc under the web root with insufficient access control, which allows remote attackers to obtain database username and password information.

Exploits (1)

exploitdb WORKING POC

perlwebappsphp

https://www.exploit-db.com/exploits/1882

View Code ZIP pw:eip

This Perl script exploits a SQL injection vulnerability in Dmx Forum <= v2.1a by fetching user credentials and database configuration details via crafted HTTP requests. It leverages LWP::Simple to retrieve sensitive information from the target application.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Dmx Forum <= v2.1a

No auth needed

Prerequisites: Target URL · Member ID

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/2154

Third Party Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2006-05/0799.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20450

Scores

EPSS 0.0378

EPSS Percentile 88.4%

Details

Status published

Products (1)

dmx_forum/dmx_forum < 2.1a

Published Jun 12, 2006

Tracked Since Feb 18, 2026