CVE-2006-5763

Free File Hosting < 1.1 - Remote File Inclusion via AD_BODY_TEMP Parameter

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2006-5763. PoCs published by Crackers_Child, IbnuSina.

AI-analyzed exploit summary: This exploit demonstrates a remote file inclusion vulnerability in Free Image Hosting 2.0, allowing an attacker to include arbitrary files via the 'AD_BODY_TEMP' parameter in multiple PHP scripts. The exploit provides clear examples of malicious URLs to trigger the vulnerability.

Description

Multiple PHP remote file inclusion vulnerabilities in Free File Hosting 1.1, and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the AD_BODY_TEMP parameter to (1) login.php, (2) register.php, or (3) send.php. NOTE: the original provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this issue was later reported for the "File Upload System" which is a component of Free File Hosting. Vector 1 also affects Free Image Hosting 2.0, which contains the same code.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Crackers_Child · text · webapps · php
https://www.exploit-db.com/exploits/3568

This exploit demonstrates a remote file inclusion vulnerability in Free Image Hosting 2.0, allowing an attacker to include arbitrary files via the 'AD_BODY_TEMP' parameter in multiple PHP scripts. The exploit provides clear examples of malicious URLs to trigger the vulnerability.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Free Image Hosting 2.0
No auth needed
Prerequisites: Access to the vulnerable web application · Ability to craft malicious URLs with the 'AD_BODY_TEMP' parameter
devstral-2 · analyzed Feb 18, 2026

exploitdb WRITEUP VERIFIED
by IbnuSina · text · webapps · php
https://www.exploit-db.com/exploits/29774

The provided text describes a remote file inclusion vulnerability in Free File Hosting version 1.1, where insufficient sanitization of user-supplied data allows an attacker to include remote files. The example URL demonstrates the exploitation vector via the 'AD_BODY_TEMP' parameter.

Classification: Writeup 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Theoretical
Target: Free File Hosting 1.1
No auth needed
Prerequisites: Access to the vulnerable application · Ability to craft a malicious URL with a remote file inclusion payload
devstral-2 · analyzed Feb 16, 2026

exploitdb WRITEUP VERIFIED
by IbnuSina · text · webapps · php
https://www.exploit-db.com/exploits/29773

The code describes a remote file inclusion vulnerability in Free File Hosting version 1.1, where insufficient sanitization of user-supplied data allows an attacker to include remote files via the 'AD_BODY_TEMP' parameter in login.php. This is related to a previously reported issue (BID 20781).

Classification: Writeup 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Theoretical
Target: Free File Hosting 1.1
No auth needed
Prerequisites: Access to the vulnerable login.php endpoint · Ability to host a malicious file on a remote server
devstral-2 · analyzed Feb 16, 2026

References (10)

Core References
Third Party Advisory mailing-list x_refsource_vim
http://www.attrition.org/pipermail/vim/2007-March/001473.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/30146
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22594
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/33196
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/23118
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/3568
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/30145
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/463707/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/30144
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/29874

Scores

EPSS 0.0491
EPSS Percentile 91.0%

Details

Status published
Products (2)
free_php_scripts/free_file_hosting < 1.1
free_php_scripts/free_image_hosting 2.0
Published Nov 06, 2006
Tracked Since Feb 18, 2026