CVE-2006-5590

ArticleBeach Script < 2.0 - Remote File Inclusion via Page Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-5590. PoCs published by Bithedz.

AI-analyzed exploit summary The document describes a remote file inclusion vulnerability in ArticleBeach Script <= 2.0, where the 'page' parameter in index.php is not properly sanitized, allowing arbitrary PHP code execution. The proof of concept demonstrates exploitation via a malicious URL.

Description

PHP remote file inclusion vulnerability in index.php in ArticleBeach Script 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Bithedz · textwebappsphp

https://www.exploit-db.com/exploits/2645

View Code ZIP pw:eip

The document describes a remote file inclusion vulnerability in ArticleBeach Script <= 2.0, where the 'page' parameter in index.php is not properly sanitized, allowing arbitrary PHP code execution. The proof of concept demonstrates exploitation via a malicious URL.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: ArticleBeach Script <= 2.0

No auth needed

Prerequisites: Network access to the target · PHP allow_url_include enabled

MITRE ATT&CK