CVE-2006-4285

Fantastic News <= 2.1.5 - Remote Code Execution via CONFIG[script_path] Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-4285. PoCs published by SHiKaA.

AI-analyzed exploit summary This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Fantastic News <= v2.1.3 due to improper input validation in the 'CONFIG[script_path]' parameter in news.php. An attacker can include a remote shell by manipulating the parameter to point to a malicious URL.

Description

PHP remote file inclusion vulnerability in news.php in Fantastic News 2.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[script_path] parameter. NOTE: it was later reported that 2.1.5 is also affected.

Exploits (1)

exploitdb WORKING POC VERIFIED

by SHiKaA · textwebappsphp

https://www.exploit-db.com/exploits/2221

View Code ZIP pw:eip

This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Fantastic News <= v2.1.3 due to improper input validation in the 'CONFIG[script_path]' parameter in news.php. An attacker can include a remote shell by manipulating the parameter to point to a malicious URL.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Fantastic News v2.1.2 & v2.1.3

No auth needed

Prerequisites: Target application must be running Fantastic News v2.1.2 or v2.1.3 · Remote file inclusion must be allowed by the server configuration

MITRE ATT&CK