CVE-2006-5043

Joomlaboard Forum Component <1.1.2 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-5043. PoCs published by Cold Zero.

AI-analyzed exploit summary This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Joomla's com_joomlaboard component (1.1.x branch). The vulnerability allows an attacker to include arbitrary remote files via the 'sbp' parameter in 'file_upload.php' or 'image_upload.php'.

Description

Multiple PHP remote file inclusion vulnerabilities in the Joomlaboard Forum Component (com_joomlaboard) before 1.1.2 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to (1) file_upload.php or (2) image_upload.php, a variant of CVE-2006-3528.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Cold Zero · textwebappsphp

https://www.exploit-db.com/exploits/3560

View Code ZIP pw:eip

This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Joomla's com_joomlaboard component (1.1.x branch). The vulnerability allows an attacker to include arbitrary remote files via the 'sbp' parameter in 'file_upload.php' or 'image_upload.php'.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Joomla com_joomlaboard 1.1.x

No auth needed

Prerequisites: Target must have Joomla with vulnerable com_joomlaboard component installed · Remote file inclusion must be enabled on the server

MITRE ATT&CK