CVE-2006-5283
Minichat 6.0 - Remote File Inclusion via ftag.php mostrar Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-5283. PoCs published by Zickox.
AI-analyzed exploit summary This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Minichat v6 via the 'mostrar' parameter in ftag.php. The vulnerable code directly includes a user-supplied file path without validation, allowing arbitrary remote file inclusion.
Description
PHP remote file inclusion vulnerability in ftag.php in Minichat 6.0 allows remote attackers to execute arbitrary PHP code via a URL in the mostrar parameter.
Exploits (1)
This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Minichat v6 via the 'mostrar' parameter in ftag.php. The vulnerable code directly includes a user-supplied file path without validation, allowing arbitrary remote file inclusion.