Remote File Inclusion Vulnerability in Les Visiteurs Software by J-Pierre DEZELUS
CVE-2006-5310

Currently unrated

Key Information:

Vendor: J-pierre Dezelus
Status: Les Visiteurs; PHPmyconferences
Vendor: CVE Published:; 17 October 2006

🔔 Create J-pierre Dezelus Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2006-5310?

A PHP remote file inclusion vulnerability exists in Les Visiteurs 2.0.1, utilized by phpMyConferences 8.0.2 and potentially other associated products. This flaw enables remote attackers to execute arbitrary PHP code by manipulating the 'lvc_include_dir' parameter, exposing systems to security breaches and unauthorized access.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2006-5310 - Proof of Concept

References

http://secunia.com/advisories/22411

third-party-advisoryx_refsource_SECUNIA

https://www.exploit-db.com/exploits/2535

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/20505

vdb-entryx_refsource_BID

EPSS Score

5% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Oct 17, 2006
👾
Exploit known to exist
Oct 17, 2006
Vulnerability published
Oct 17, 2006
Vulnerability Reserved
Oct 17, 2006

CVE-2006-5310 Data

JSON