CVE-2006-3144

Implied By Design Micro CMS <3.5 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2006-3144. PoCs published by learn3r hacker, CeNGiZ-HaN.

AI-analyzed exploit summary This is a writeup describing two vulnerabilities in Micro CMS: a file inclusion vulnerability requiring register globals to be enabled and an SQL injection login bypass. No actual exploit code is provided.

Description

PHP remote file inclusion vulnerability in micro_cms_files/microcms-include.php in Implied By Design (IBD) Micro CMS 3.5 (aka 0.3.5) and earlier allows remote attackers to execute arbitrary PHP code via a URL in the microcms_path parameter. NOTE: it was later reported that this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequences.

Exploits (2)

exploitdb WRITEUP VERIFIED
by learn3r hacker · textwebappsphp
https://www.exploit-db.com/exploits/9699

This is a writeup describing two vulnerabilities in Micro CMS: a file inclusion vulnerability requiring register globals to be enabled and an SQL injection login bypass. No actual exploit code is provided.

Classification
Writeup 90%
Attack Type
Sqli | Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: Micro CMS v3.5 or lower
No auth needed
Prerequisites: register globals enabled for file inclusion · valid username or SQLi payload for login bypass
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by CeNGiZ-HaN · textwebappsphp
https://www.exploit-db.com/exploits/1929

This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in micro CMS. The vulnerability allows an attacker to include and execute arbitrary remote scripts by manipulating the 'microcms_path' parameter in the 'microcms-include.php' file.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: micro CMS (version not specified)
No auth needed
Prerequisites: Remote file hosting with malicious script · Network access to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (9)

Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/53273
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2446
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/27236
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20758
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/18537
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/9699
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/1929
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/456721/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/26677

Scores

EPSS 0.0882
EPSS Percentile 94.5%

Details

CWE
CWE-94
Status published
Products (1)
ibd/micro_cms 0.3.5
Published Jun 22, 2006
Tracked Since Feb 18, 2026