CVE-2006-7194

Agora 1.4 RC1 - Remote Code Execution via _SESSION[PATH_COMPOSANT] Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-7194. PoCs published by the_day.

AI-analyzed exploit summary This exploit demonstrates a remote file inclusion vulnerability in Agora 1.4 RC1 due to improper verification of the $_SESSION[PATH_COMPOSANT] parameter. An attacker can include arbitrary PHP code from external resources.

Description

PHP remote file inclusion vulnerability in modules/Mysqlfinder/MysqlfinderAdmin.php in Agora 1.4 RC1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PATH_COMPOSANT] parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by the_day · textwebappsphp
https://www.exploit-db.com/exploits/2726

This exploit demonstrates a remote file inclusion vulnerability in Agora 1.4 RC1 due to improper verification of the $_SESSION[PATH_COMPOSANT] parameter. An attacker can include arbitrary PHP code from external resources.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Agora 1.4 RC1
No auth needed
Prerequisites: Target running Agora 1.4 RC1 with vulnerable configuration · Ability to host malicious PHP file on an external server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30031
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/2726
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=116283849004075&w=2

Scores

EPSS 0.0511
EPSS Percentile 91.3%

Details

Status published
Products (1)
republique_francaise/agora 1.4_rc1
Published Apr 18, 2007
Tracked Since Feb 18, 2026