CVE-2006-3692

ListMessenger 0.9.3 - Remote File Inclusion via lm_path Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-3692. PoCs published by xoron.

AI-analyzed exploit summary The provided text describes a remote file inclusion vulnerability in ListMessenger 0.9.3, but it lacks actual exploit code. It mentions a vulnerable parameter 'lm_path' but notes that further reports indicate it may not be exploitable due to a hard-coded value.

Description

PHP remote file inclusion vulnerability in enduser/listmessenger.php in ListMessenger 0.9.3 allows remote attackers to execute arbitrary PHP code via a URL in the lm_path parameter. NOTE: the vendor has disputed this issue to SecurityTracker, stating that the $lm_path variable is set to a constant value. As of 20060726, CVE concurs with the vendor based on SecurityTracker's post-disclosure analysis

Exploits (1)

exploitdb WRITEUP VERIFIED

by xoron · textwebappsphp

https://www.exploit-db.com/exploits/28231

View Code ZIP pw:eip

The provided text describes a remote file inclusion vulnerability in ListMessenger 0.9.3, but it lacks actual exploit code. It mentions a vulnerable parameter 'lm_path' but notes that further reports indicate it may not be exploitable due to a hard-coded value.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: ListMessenger 0.9.3

No auth needed

Prerequisites: Remote file inclusion vulnerability in ListMessenger · Ability to host malicious PHP script

MITRE ATT&CK