CVE-2006-4422
Jetbox CMS 2.1 - Remote File Inclusion via relative_script_path Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-4422. PoCs published by D3nGeR.
AI-analyzed exploit summary The provided text describes a remote file inclusion vulnerability in Jetbox CMS 2.1, where unsanitized user input in the 'relative_script_path' parameter allows arbitrary remote file execution. However, no actual exploit code is present, only a description and example URL.
Description
PHP remote file inclusion vulnerability in includes/phpdig/libs/search_function.php in Jetbox CMS 2.1 allows remote attackers to execute arbitrary PHP code via a URL in the relative_script_path parameter, a different vector than CVE-2006-2270. NOTE: this issue has been disputed, and as of 20060830, CVE analysis concurs with the dispute. In addition, it is likely that the vulnerability is actually in a third party module, phpDig 1.8.8
Exploits (1)
The provided text describes a remote file inclusion vulnerability in Jetbox CMS 2.1, where unsanitized user input in the 'relative_script_path' parameter allows arbitrary remote file execution. However, no actual exploit code is present, only a description and example URL.