CVE-2006-4889

Telekorn SignKorn Guestbook <1.3 - RCE

Title source: llm

Exploitation Summary

EIP tracks 21 public exploits for CVE-2006-4889. PoCs published by ThE_LeO, SHiKaA.

AI-analyzed exploit summary: The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by manipulating the 'dir_path' parameter in 'smile.php'. This allows an attacker to include and execute arbitrary remote scripts, potentially leading to remote code execution.

Description

Multiple PHP remote file inclusion vulnerabilities in Telekorn SignKorn Guestbook (SL) 1.3 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the dir_path parameter in (1) index.php, (2) includes/functions.gb.php, (3) includes/functions.admin.php, (4) includes/admin.inc.php, (5) help.php, (6) smile.php, (7) entry.php; (8) adminhelp0.php, (9) adminhelp1.php, (10) adminhelp2.php, and (11) adminhelp3.php in (a) help/en and (b) help/de directories; and the (12) preview.php, (13) log.php, (14) index.php, (15) config.php, and (16) admin.php in the (c) admin directory, a different set of vectors than CVE-2006-4788.

Exploits (21)

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28527

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by manipulating the 'dir_path' parameter in 'smile.php'. This allows an attacker to include and execute arbitrary remote scripts, potentially leading to remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Access to the target web application · Ability to host a malicious script on a remote server
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28522

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by manipulating the 'dir_path' parameter in the index.php script. This allows an attacker to include and execute arbitrary remote scripts, potentially leading to remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Access to the target web application · Ability to host a malicious script on a remote server
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28526

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by manipulating the 'dir_path' parameter in help.php. This allows an attacker to include and execute arbitrary remote scripts, potentially leading to remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Remote file inclusion must be enabled on the target server · Attacker must be able to host a malicious script on an accessible server
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28536

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by manipulating the 'dir_path' parameter in 'entry.php'. This allows an attacker to include and execute arbitrary remote scripts, potentially leading to remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Access to the vulnerable 'entry.php' script · Ability to host or reference a malicious script
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28523

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by manipulating the 'dir_path' parameter in the 'functions.gb.php' script. This allows an attacker to include and execute arbitrary remote scripts, potentially leading to remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Remote file inclusion must be enabled on the target server · Attacker must be able to host a malicious script on an accessible server
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28524

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by manipulating the 'dir_path' parameter in the 'functions.admin.php' script. This allows an attacker to include and execute arbitrary remote scripts, potentially leading to remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Access to the vulnerable script URL · Ability to host a malicious script on a remote server
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28525

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by manipulating the 'dir_path' parameter in admin.inc.php. This allows an attacker to include arbitrary remote files, potentially leading to remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Access to the vulnerable endpoint · Ability to host a malicious file on a remote server
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28531

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by manipulating the 'dir_path' parameter in adminhelp3.php. This allows an attacker to include and execute arbitrary remote scripts, potentially leading to remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Access to the target web application · Ability to host a malicious script on a remote server
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28530

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook 1.3 and earlier. The vulnerability arises from insufficient sanitization of the 'dir_path' parameter in 'adminhelp2.php', allowing an attacker to include and execute arbitrary remote files.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook <= 1.3
No auth needed
Prerequisites: Remote file inclusion must be enabled on the target server · Attacker-controlled remote file with malicious code
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28529

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by injecting a malicious script path via the 'dir_path' parameter in adminhelp1.php. This allows an attacker to execute arbitrary code on the server due to insufficient input sanitization.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Access to the target web application · PHP remote file inclusion enabled on the server
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28528

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by injecting a malicious script path via the 'dir_path' parameter in adminhelp0.php. This allows an attacker to execute arbitrary code on the server.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Access to the target web application · PHP remote file inclusion enabled on the server
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28535

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by manipulating the 'dir_path' parameter in 'adminhelp3.php'. This allows an attacker to include arbitrary remote files, potentially leading to remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Access to the vulnerable endpoint · Ability to host or reference a malicious file
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28534

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook 1.3 and earlier. The attacker can inject arbitrary PHP code via the 'dir_path' parameter in adminhelp2.php, leading to remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook <= 1.3
No auth needed
Prerequisites: Target application must be accessible · PHP 'allow_url_include' must be enabled
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28533

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by injecting a malicious script path via the 'dir_path' parameter in adminhelp1.php. This allows an attacker to execute arbitrary code on the target system.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Access to the target web application · PHP remote file inclusion enabled on the server
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28532

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by injecting a malicious script path via the 'dir_path' parameter in 'adminhelp0.php'. This allows an attacker to execute arbitrary code on the server.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Access to the vulnerable endpoint · Ability to host or reference a malicious script
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28537

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by manipulating the 'dir_path' parameter in 'preview.php'. This allows an attacker to include and execute arbitrary remote scripts, potentially leading to remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Access to the vulnerable 'preview.php' script · Ability to host or reference a malicious script
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28538

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by manipulating the 'dir_path' parameter in 'admin/log.php'. This allows an attacker to include and execute arbitrary remote scripts, potentially leading to remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Remote file inclusion must be enabled on the target server · Attacker must be able to host a malicious script on an accessible server
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28539

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by manipulating the 'dir_path' parameter in the admin/index.php script. This allows an attacker to include and execute arbitrary remote scripts, potentially leading to remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Access to the vulnerable admin/index.php script · Ability to host or reference a malicious script
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28540

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by manipulating the 'dir_path' parameter in 'config.php'. This allows an attacker to include and execute arbitrary remote scripts, potentially leading to remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Remote file inclusion must be enabled on the target server · Attacker must be able to host a malicious script on a remote server
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by ThE_LeO · text · webapps · php
https://www.exploit-db.com/exploits/28541

The exploit demonstrates a remote file inclusion vulnerability in Telekorn Signkorn Guestbook by manipulating the 'dir_path' parameter in admin.php. This allows an attacker to include and execute arbitrary remote scripts, potentially leading to remote code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Telekorn Signkorn Guestbook 1.3 and earlier
No auth needed
Prerequisites: Access to the target web application · Ability to host a malicious script on a remote server
devstral-2 · analyzed Feb 18, 2026

exploitdb WORKING POC VERIFIED
by SHiKaA · text · webapps · php
https://www.exploit-db.com/exploits/2354

This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Signkorn Guestbook <= v1.3. The vulnerability is due to improper input validation in the 'dir_path' parameter in includes/log.inc.php, allowing an attacker to include and execute arbitrary remote files.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Signkorn Guestbook v1.3 and below
No auth needed
Prerequisites: Remote file hosting with executable code · Target server with allow_url_include enabled
devstral-2 · analyzed Feb 18, 2026

References (25)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32201
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32218
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32205
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32217
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32211
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/28888
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32214
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32206
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/446086/100/0/threaded
URL Repurposed x_refsource_confirm
http://www.telekorn.com/forum/showthread.php?t=1427
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32215
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32200
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32204
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32208
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32203
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32207
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32199
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32202
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32210
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32212
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/19977
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32213
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32209
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/1619
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/32216

Scores

EPSS: 0.1017
EPSS Percentile: 95.1%

Details

Status: published
Products (3):
telekorn/signkorn_guestbook 1.1
telekorn/signkorn_guestbook 1.2
telekorn/signkorn_guestbook < 1.3
Published: Sep 19, 2006
Tracked Since: Feb 18, 2026