CVE-2006-3562

plume_cms 1.0.4 - Remote Code Execution via _PX_config[manager_path] Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2006-3562. PoCs published by CrAsh_oVeR_rIdE.

AI-analyzed exploit summary This exploit demonstrates a remote file inclusion vulnerability in Plume CMS due to improper input sanitization. An attacker can execute arbitrary server-side script code by manipulating the `_PX_config[manager_path]` parameter in `rss.php`.

Description

PHP remote file inclusion vulnerabilities in plume cms 1.0.4 allow remote attackers to execute arbitrary PHP code via a URL in the _PX_config[manager_path] parameter to (1) index.php, (2) rss.php, or (3) search.php, a different set of vectors and versions than CVE-2006-2645 and CVE-2006-0725.

Exploits (3)

exploitdb WORKING POC VERIFIED
by CrAsh_oVeR_rIdE · textwebappsphp
https://www.exploit-db.com/exploits/28148

This exploit demonstrates a remote file inclusion vulnerability in Plume CMS due to improper input sanitization. An attacker can execute arbitrary server-side script code by manipulating the `_PX_config[manager_path]` parameter in `rss.php`.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Plume CMS
No auth needed
Prerequisites: Access to the target web server · Ability to host malicious script on an external server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by CrAsh_oVeR_rIdE · textwebappsphp
https://www.exploit-db.com/exploits/28147

This exploit demonstrates a remote file inclusion vulnerability in Plume CMS due to improper input sanitization. An attacker can execute arbitrary server-side script code by manipulating the `_PX_config[manager_path]` parameter.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Plume CMS (version not specified)
No auth needed
Prerequisites: Remote file inclusion must be enabled on the server · Attacker must be able to host a malicious script on a remote server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by CrAsh_oVeR_rIdE · textwebappsphp
https://www.exploit-db.com/exploits/28149

This exploit demonstrates a remote file inclusion vulnerability in Plume CMS by manipulating the `_PX_config[manager_path]` parameter in `search.php` to include arbitrary remote files. The vulnerability arises due to insufficient input sanitization, allowing an attacker to execute server-side script code with webserver privileges.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Plume CMS (version not specified)
No auth needed
Prerequisites: Remote file inclusion must be enabled on the target server · Attacker must be able to host a malicious file on an accessible server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/18780
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/438948/100/100/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/27530
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/1220
Exploit vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016426

Scores

EPSS 0.0306
EPSS Percentile 85.9%

Details

CWE
CWE-94
Status published
Products (1)
plume-cms/plume_cms 1.0.4
Published Jul 13, 2006
Tracked Since Feb 18, 2026