Return to CVE list

CVE-2006-4583

7.5
Critical

CVE-2006-4583

cve@mitre.org
Deferred
View on MITREFind on GitHub

Description

Multiple PHP remote file inclusion vulnerabilities in FlashChat before 4.6.2 allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) inc/cmses/aedatingCMS.php, (2) inc/cmses/aedatingCMS2.php, or (3) inc/cmses/aedating4CMS.php.

Exploits

22932006-09-04webappsPHP

FlashChat 4.5.7 - 'aedating4CMS.php' Remote File Inclusion

By NeXtMaN

References

cve@mitre.org
http://secunia.com/advisories/21756
cve@mitre.org
http://securitytracker.com/id?1016784
cve@mitre.org
http://www.securityfocus.com/archive/1/445219/100/0/threaded
cve@mitre.org
http://www.securityfocus.com/bid/19826
cve@mitre.org
http://www.tufat.com/changeLog2.htm
cve@mitre.org
http://www.vupen.com/english/advisories/2006/3449
cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/28706
cve@mitre.org
https://www.exploit-db.com/exploits/2293
af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/21756
af854a3a-2127-422b-91ae-364da2661108
http://securitytracker.com/id?1016784
af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/445219/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/19826
af854a3a-2127-422b-91ae-364da2661108
http://www.tufat.com/changeLog2.htm
af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2006/3449
af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/28706
af854a3a-2127-422b-91ae-364da2661108
https://www.exploit-db.com/exploits/2293