CVE-2002-2015

EIP tracks 1 public exploit for CVE-2002-2015. PoCs published by pokleyzz sakamaniaka.

AI-analyzed exploit summary This exploit leverages a file inclusion vulnerability in PostNuke's user.php script, allowing an attacker to include and execute arbitrary remote files by manipulating the 'caselist' parameter. The vulnerability is due to insufficient input validation, enabling remote code execution.

PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include arbitrary files and possibly execute code via the caselist parameter.