CVE-2006-5786

e107 0.7.5 - Directory Traversal via e107language_e107cookie Cookie

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-5786. PoCs published by Kacper.

AI-analyzed exploit summary: This exploit leverages a local file inclusion vulnerability in e107 <= 0.7.5 by manipulating the `e107language` cookie to include arbitrary files, leading to remote code execution. It requires `register_globals=On` and authenticated user credentials to inject malicious code into log files.

Description

Directory traversal vulnerability in class2.php in e107 0.7.5 and earlier allows remote attackers to read and execute PHP code in arbitrary files via ".." sequences in the e107language_e107cookie cookie to gsitemap.php.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Kacper · phpwebappsphp
https://www.exploit-db.com/exploits/2711

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: e107 <= 0.7.5
Auth required
Prerequisites: register_globals=On · valid user credentials · access to the target server
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30030
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/20913
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/2711

Scores

EPSS 0.0240
EPSS Percentile 81.9%

Details

Status published
Products (1)
e107/e107 0.7.5
Published Nov 07, 2006
Tracked Since Feb 18, 2026