CVE-2006-3104
bitweaver 1.3 - Information Disclosure via Invalid sort_mode Parameter
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-3104.
AI-analyzed exploit summary: This exploit targets a file upload vulnerability in bitweaver <= v1.3, allowing remote code execution by uploading a malicious file with a double extension (e.g., suntzu.php.xxx) to bypass .htaccess restrictions. The exploit leverages a race condition to execute commands before the temporary file is deleted.
Description
users/index.php in Bitweaver 1.3 allows remote attackers to obtain sensitive information via an invalid sort_mode parameter, which reveals the installation path and database information in the resultant error message.
Exploits (1)
This exploit targets a file upload vulnerability in bitweaver <= v1.3, allowing remote code execution by uploading a malicious file with a double extension (e.g., suntzu.php.xxx) to bypass .htaccess restrictions. The exploit leverages a race condition to execute commands before the temporary file is deleted.