CVE-2015-6008

Web Reference Database <0.9.6 - Command Injection

Title source: llm

Description

install.php in Web Reference Database (aka refbase) through 0.9.6 allows remote attackers to execute arbitrary commands via the adminPassword parameter, a different issue than CVE-2015-7381.

Exploits (1)

exploitdb WORKING POC

by Mohab Ali · textwebappsphp

https://www.exploit-db.com/exploits/38292

View Code ZIP pw:eip

References (2)

Core 2

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/38292/

Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/374092

Scores

EPSS 0.0755

EPSS Percentile 91.9%

Details

CWE

CWE-78

Status published

Products (1)

refbase/refbase < 0.9.6

Published Sep 28, 2015

Tracked Since Feb 18, 2026