Exploitation Summary
EIP tracks 3 public exploits for CVE-2006-4992. PoCs published by Drago84.
AI-analyzed exploit summary: This exploit demonstrates a remote file inclusion vulnerability in JD-WordPress for Joomla by manipulating the 'mosConfig_absolute_path' parameter to include arbitrary remote files containing malicious PHP code. The vulnerability arises due to insufficient input sanitization.
Description
Multiple PHP remote file inclusion vulnerabilities in JD-WordPress for Joomla! (com_jd-wp) 2.0-1.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter in (1) wp-comments-post.php, (2) wp-feed.php, or (3) wp-trackback.php.
Exploits (3)
This exploit demonstrates a remote file inclusion vulnerability in JD-WordPress for Joomla by manipulating the 'mosConfig_absolute_path' parameter to include arbitrary remote files containing malicious PHP code. The vulnerability arises due to insufficient input sanitization.
This exploit demonstrates a remote file inclusion vulnerability in JD-WordPress for Joomla due to improper input sanitization. An attacker can include arbitrary remote files containing malicious PHP code via the 'mosConfig_absolute_path' parameter.
This exploit demonstrates a remote file inclusion vulnerability in JD-WordPress for Joomla by injecting a malicious URL into the 'mosConfig_absolute_path' parameter, allowing arbitrary PHP code execution.