CVE-2006-5189

Klinza Professional CMS <5.0.1 - RCE

Title source: llm

Description

PHP remote file inclusion vulnerability in funzioni/lib/show_hlp.php in klinza professional cms 5.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the appl[APPL] parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kacper · perlwebappsphp

https://www.exploit-db.com/exploits/2472

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/2472

[Exploit] http://www.securityfocus.com/bid/20323

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/29336

Scores

EPSS 0.0495

EPSS Percentile 89.7%

Details

Status published

Products (1)

klinza/klinza_professional_cms < 5.0.1

Published Oct 10, 2006

Tracked Since Feb 18, 2026