CVE-2006-4190
PHP-Nuke AutoHTML Module - Directory Traversal via Name Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-4190. PoCs published by MosT3mR.
AI-analyzed exploit summary This exploit demonstrates a local file inclusion vulnerability in PHP-Nuke AutoHTML Module by manipulating the 'name' parameter to include arbitrary local files. The PoC shows how an attacker can read sensitive files like '/etc/passwd' by traversing directories.
Description
Directory traversal vulnerability in autohtml.php in the AutoHTML module for PHP-Nuke allows local users to include arbitrary files via a .. (dot dot) in the name parameter for a modload operation.
Exploits (1)
This exploit demonstrates a local file inclusion vulnerability in PHP-Nuke AutoHTML Module by manipulating the 'name' parameter to include arbitrary local files. The PoC shows how an attacker can read sensitive files like '/etc/passwd' by traversing directories.