CVE-2006-6137

Sisfo Kampus 0.8 - RCE

Title source: llm
STIX 2.1

Description

Multiple PHP remote file inclusion vulnerabilities in Sisfo Kampus 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the (1) exec parameter to index.php or (2) print parameter to print.php, which is also accessible via the print command to index.php.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Wawan Firmansyah · textwebappsphp
https://www.exploit-db.com/exploits/2847

References (2)

Core 2
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21294
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/2847

Scores

EPSS 0.0515
EPSS Percentile 89.9%

Details

Status published
Products (1)
sisfo_kampus/sisfo_kampus 0.8
Published Nov 28, 2006
Tracked Since Feb 18, 2026