CVE-2002-0764

Phorum 3.3.2a - Remote Code Execution via PHORUM[settings_dir] Manipulation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0764. PoCs published by markus arndt.

AI-analyzed exploit summary The exploit demonstrates a remote file inclusion vulnerability in Phorum's 'plugin.php', 'admin.php', and 'del.php' files. Attackers can manipulate the 'PHORUM[settings_dir]' or 'include_path' parameters to include and execute arbitrary PHP scripts from a remote server.

Description

Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a directory that contains a PHP file with the commands.

Exploits (1)

exploitdb WORKING POC VERIFIED

by markus arndt · textwebappsphp

https://www.exploit-db.com/exploits/21459

View Code ZIP pw:eip

The exploit demonstrates a remote file inclusion vulnerability in Phorum's 'plugin.php', 'admin.php', and 'del.php' files. Attackers can manipulate the 'PHORUM[settings_dir]' or 'include_path' parameters to include and execute arbitrary PHP scripts from a remote server.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Phorum (version not specified)

No auth needed

Prerequisites: Phorum installation with vulnerable files accessible · Ability to host malicious PHP script on an external server

MITRE ATT&CK