CVE-2006-4913

AlstraSoft E-friends 4.85 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-4913. PoCs published by Kw3[R]Ln.

AI-analyzed exploit summary This exploit leverages a remote command execution vulnerability in AlstraSoft Efriends 4.85 by injecting PHP code into Apache log files via HTTP requests, then triggering execution through a vulnerable PHP script. It requires magic_quotes_gpc to be off.

Description

Directory traversal vulnerability in chat/getStartOptions.php in AlstraSoft E-friends 4.85 allows remote attackers to include arbitrary local files and possibly execute arbitrary code via a .. (dot dot) sequence and trailing null (%00) byte in the lang parameter, as demonstrated by injecting PHP code into a log file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kw3[R]Ln · perlwebappsphp

https://www.exploit-db.com/exploits/2389

View Code ZIP pw:eip

This exploit leverages a remote command execution vulnerability in AlstraSoft Efriends 4.85 by injecting PHP code into Apache log files via HTTP requests, then triggering execution through a vulnerable PHP script. It requires magic_quotes_gpc to be off.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: AlstraSoft Efriends 4.85

No auth needed

Prerequisites: magic_quotes_gpc = off · write access to Apache log files · vulnerable PHP script accessible

MITRE ATT&CK