CVE-2006-5076

OpenConcept Back-End 0.4.5 - Remote File Inclusion via includes_path Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2006-5076. PoCs published by Root3r_H3ll.

AI-analyzed exploit summary The code describes a remote file inclusion vulnerability in Back-End CMS 0.4.5 due to improper input sanitization. An attacker can exploit this by manipulating the 'includes_path' parameter in search.php to execute arbitrary server-side script code.

Description

Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End 0.4.5 allow remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter in (1) admin/index.php, (2) Facts.php, or (3) search.php.

Exploits (3)

exploitdb WRITEUP VERIFIED
by Root3r_H3ll · textwebappsphp
https://www.exploit-db.com/exploits/28676

The code describes a remote file inclusion vulnerability in Back-End CMS 0.4.5 due to improper input sanitization. An attacker can exploit this by manipulating the 'includes_path' parameter in search.php to execute arbitrary server-side script code.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target: Back-End CMS 0.4.5
No auth needed
Prerequisites: Access to the target web application · Ability to host a malicious file on a remote server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by Root3r_H3ll · textwebappsphp
https://www.exploit-db.com/exploits/28675

The code describes a remote file inclusion vulnerability in Back-End CMS 0.4.5 due to improper input sanitization. An attacker can exploit this by manipulating the 'includes_path' parameter to execute arbitrary server-side script code.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target: Back-End CMS 0.4.5
No auth needed
Prerequisites: Access to the vulnerable web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Root3r_H3ll · perlwebappsphp
https://www.exploit-db.com/exploits/28674

This exploit leverages a remote file inclusion vulnerability in Back-End CMS 0.4.5 by injecting a malicious URL into the 'includes_path' parameter, allowing arbitrary command execution via a remote shell script. The PoC sends HTTP requests to execute commands fetched from an attacker-controlled server.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Back-End CMS 0.4.5
No auth needed
Prerequisites: Network access to the target web server · Attacker-controlled server hosting the malicious script
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/20207
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/448776/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/29605
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/29172
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/450031/100/200/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/447005/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/1650

Scores

EPSS 0.0355
EPSS Percentile 87.8%

Details

Status published
Products (1)
back-end/back-end_cms 0.4.5
Published Sep 29, 2006
Tracked Since Feb 18, 2026