CVE-2006-4733
sips < 0.3.1 - Remote File Inclusion via config[sipssys] Parameter
Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-4733. PoCs published by ajann.
AI-analyzed exploit summary
This exploit demonstrates a remote file inclusion (RFI) vulnerability in SIPS <= 0.3.1 via the 'config[sipssys]' parameter in box.inc.php. The attacker can include a remote shell by manipulating the parameter to point to a malicious script.
Description
PHP remote file inclusion vulnerability in sipssys/code/box.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) 0.3.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the config[sipssys] parameter. NOTE: the product's documentation recommends placing the affected file outside of the web root, so the scope of issue is limited to admins who do not, or cannot, follow this recommendation.
Exploits (1)
This exploit demonstrates a remote file inclusion (RFI) vulnerability in SIPS <= 0.3.1 via the 'config[sipssys]' parameter in box.inc.php. The attacker can include a remote shell by manipulating the parameter to point to a malicious script.