CVE-2006-6786

Open Newsletter <2.5 - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-6786. PoCs published by BlackHawk.

AI-analyzed exploit summary This exploit targets Open Newsletter <= 2.* and includes multiple attack vectors: subscriber email retrieval, credential retrieval, and remote command execution. It leverages weak session validation and file inclusion vulnerabilities to achieve RCE.

Description

Open Newsletter 2.5 and earlier allows remote authenticated administrators to execute arbitrary PHP code by inserting the code into the email parameter to (1) subscribe.php or (2) unsubscribe.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by BlackHawk · phpwebappsphp

https://www.exploit-db.com/exploits/2981

View Code ZIP pw:eip

This exploit targets Open Newsletter <= 2.* and includes multiple attack vectors: subscriber email retrieval, credential retrieval, and remote command execution. It leverages weak session validation and file inclusion vulnerabilities to achieve RCE.

Classification

Working Poc 95%

Attack Type

Rce | Info Leak | Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: Open Newsletter <= 2.*

No auth needed

Prerequisites: Network access to the target · Open Newsletter installation with default or weak configurations

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1087 - Account Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/2981

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/21775

Scores

EPSS 0.0172

EPSS Percentile 74.6%

Details

Status published

Products (2)

open_newsletter/open_newsletter 2.0

open_newsletter/open_newsletter < 2.5

Published Dec 28, 2006

Tracked Since Feb 18, 2026