CVE-2006-6962
RS Gallery2 1.11.2 - Remote Code Execution via mosConfig_absolute_path Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-6962. PoCs published by marriottvn.
AI-analyzed exploit summary This exploit leverages a file inclusion vulnerability in RsGallery2 for Joomla by manipulating the `mosConfig_absolute_path` parameter to include arbitrary remote files. The vulnerability allows remote code execution (RCE) if the attacker controls the included file.
Description
PHP remote file inclusion vulnerability in rsgallery2.html.php in the RS Gallery2 component (com_rsgallery2) 1.11.2 for Joomla! allows attackers to execute arbitrary PHP code via the mosConfig_absolute_path parameter. NOTE: this issue may overlap CVE-2006-5047.
Exploits (1)
This exploit leverages a file inclusion vulnerability in RsGallery2 for Joomla by manipulating the `mosConfig_absolute_path` parameter to include arbitrary remote files. The vulnerability allows remote code execution (RCE) if the attacker controls the included file.