Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-4963. PoCs published by rgod.
AI-analyzed exploit summary
This exploit targets Exponent CMS 0.96.3 by leveraging arbitrary local file inclusion and remote command execution via session file manipulation. It bypasses magic_quotes_gpc and injects a malicious payload through the CLIENT-IP header.
Description
Directory traversal vulnerability in index.php in Exponent CMS 0.96.3 allows remote attackers to read and execute arbitrary local files via a .. (dot dot) sequence in the view parameter in the show_view action in the calendarmodule module, as demonstrated by executing PHP code through session files.