Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-4766. PoCs published by Daftrix Security.
AI-analyzed exploit summary This exploit demonstrates a remote and local file inclusion vulnerability in Newsscript 0.5. The 'ide' parameter in 'print/print.php' and 'article.php' is not properly validated, allowing attackers to include arbitrary local or remote files.
Description
Directory traversal vulnerability in print.php in Stefan Ernst Newsscript (aka WM-News) 0.5 beta allows remote attackers to read arbitrary files via a .. (dot dot) in the ide parameter.
Exploits (1)
This exploit demonstrates a remote and local file inclusion vulnerability in Newsscript 0.5. The 'ide' parameter in 'print/print.php' and 'article.php' is not properly validated, allowing attackers to include arbitrary local or remote files.