EXPLOITDB-EDB-5757

EXPLOITDB text VERIFIED WORKING POC

Exploit for CVE-2008-2689 - Browsercrm - Code Injection

AI Analysis

This exploit demonstrates a remote file inclusion vulnerability in BrowserCRM 5.002.00 by manipulating the 'bcrm_pub_root' parameter to include a remote shell. The vulnerability arises from insecure file inclusion in the 'clients.php' script.

Attack Type

RCE

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

Loading exploit code...

Download ZIP Password: eip

Source

Platform Exploitdb

Type webapps

Platform php

Language text

Files 1

https://www.exploit-db.com/exploits/5757

Authors

ahmadbady

Vulnerability

CVE-2008-2689

Browsercrm - Code Injection