ID CVE-2006-2323
Summary Multiple PHP remote file inclusion vulnerabilities in SmartISoft phpListPro 2.01 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the returnpath parameter in (1) editsite.php, (2) addsite.php, and (3) in.php. NOTE: The config.php vector is already covered by CVE-2006-1749.
References
Vulnerable Configurations
  • cpe:2.3:a:smartisoft:phplistpro:2.0
  • cpe:2.3:a:smartisoft:phplistpro:2.01
CVSS
Base: 5.1 (as of 12-05-2006 - 09:22)
Impact:
Exploitability:
Access
Vector: NETWORK
Complexity: HIGH
Authentication: NONE
Impact
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
exploit-db via4
description phpListPro <= 2.01 Multiple Remote File Include Vulnerabilities. CVE-2006-1749,CVE-2006-2323. Webapps exploit for php platform
id EDB-ID:1769
last seen 2016-01-31
modified 2006-05-08
published 2006-05-08
reporter Aesthetico
source https://www.exploit-db.com/download/1769/
title phpListPro <= 2.01 - Multiple Remote File Include Vulnerabilities
nessus via4
NASL family CGI abuses
NASL id PHPLISTPRO_REMOTE_FILE_INCLUDE.NASL
description The remote host is running phpListPro, a website voting/ranking tool written in PHP. The installed version of phpListPro fails to sanitize user input to the 'returnpath' parameter of the 'config.php', 'editsite.php', 'addsite.php', and 'in.php' scripts before using it to include PHP code from other files. An unauthenticated attacker may be able to read arbitrary local files or include a file from a remote host that contains commands which will be executed on the remote host subject to the privileges of the web server process. These flaws are only exploitable if PHP's 'register_globals' is enabled.
last seen 2019-02-21
modified 2018-11-15
plugin id 21310
published 2006-05-03
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=21310
title phpListPro Multiple Script returnpath Parameter Remote File Inclusions
refmap via4
bugtraq
  • 20060508 PhpListPro 2.01 Remote File Include Vulnerability
  • 20060508 [MajorSecurity] phpListPro <= 2.01 - Multiple Remote File Include Vulnerability
osvdb
  • 25904
  • 25905
  • 25906
sectrack 1016060
sreason
xf phplistpro-multiple-file-include(26359)
Last major update 05-09-2008 - 17:04
Published 11-05-2006 - 20:02
Last modified 18-10-2018 - 12:39