mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
878 B
878 B
CVE-2006-3144
Description
PHP remote file inclusion vulnerability in micro_cms_files/microcms-include.php in Implied By Design (IBD) Micro CMS 3.5 (aka 0.3.5) and earlier allows remote attackers to execute arbitrary PHP code via a URL in the microcms_path parameter. NOTE: it was later reported that this can also be leveraged to include and execute arbitrary local files via .. (dot dot) sequences.
POC
Reference
Github
No PoCs found on GitHub currently.