CVE-2006-6872
eNdonesia 8.4 - Directory Traversal via mod.php mod Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-6872. PoCs published by z1ckX(ru).
AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in Endonesia8.4, including XSS, SQL injection, and local file inclusion, with a focus on SQLi for RCE via a web shell. The PoC provides clear examples of exploitable endpoints and payloads.
Description
Directory traversal vulnerability in mod.php in eNdonesia 8.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the mod parameter.
Exploits (1)
This exploit demonstrates multiple vulnerabilities in Endonesia8.4, including XSS, SQL injection, and local file inclusion, with a focus on SQLi for RCE via a web shell. The PoC provides clear examples of exploitable endpoints and payloads.