CVE-2006-4217
WEBInsta CMS < 0.3.1 - Remote File Inclusion via module_dir Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-4217. PoCs published by Yns.
AI-analyzed exploit summary This exploit leverages a file inclusion vulnerability in WEBInsta CMS 0.3.1 by manipulating the 'module_dir' parameter to include a remote file. The attack is straightforward and requires no authentication.
Description
PHP remote file inclusion vulnerability in modules/usersonline/users.php in WEBInsta CMS 0.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the module_dir parameter, a different vulnerability than CVE-2006-4196. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Exploits (1)
This exploit leverages a file inclusion vulnerability in WEBInsta CMS 0.3.1 by manipulating the 'module_dir' parameter to include a remote file. The attack is straightforward and requires no authentication.