CVE-2006-7106
powerphlogger < 2.0.9 - Remote Code Execution via rel_path Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-7106. PoCs published by x_w0x.
AI-analyzed exploit summary This exploit demonstrates a remote file inclusion vulnerability in Power Phlogger 2.0.9 by manipulating the 'rel_path' parameter in config.inc.php3 to include arbitrary remote files. The vulnerability allows an attacker to execute arbitrary code by including a malicious script hosted on a remote server.
Description
PHP remote file inclusion vulnerability in config.inc.php3 in Power Phlogger 2.0.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rel_path parameter.
Exploits (1)
This exploit demonstrates a remote file inclusion vulnerability in Power Phlogger 2.0.9 by manipulating the 'rel_path' parameter in config.inc.php3 to include arbitrary remote files. The vulnerability allows an attacker to execute arbitrary code by including a malicious script hosted on a remote server.