CVE-2006-5055
syntaxCMS 1.1.1-1.3 - Remote Code Execution via init_path Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-5055. PoCs published by MoHaJaLi.
AI-analyzed exploit summary This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in syntaxCMS via the 'init_path' parameter in '0004_init_urls.php'. The vulnerable code includes a file without proper validation, allowing an attacker to include a remote shell.
Description
PHP remote file inclusion vulnerability in admin/testing/tests/0004_init_urls.php in syntaxCMS 1.1.1 through 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the init_path parameter.
Exploits (1)
This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in syntaxCMS via the 'init_path' parameter in '0004_init_urls.php'. The vulnerable code includes a file without proper validation, allowing an attacker to include a remote shell.