CVE-2002-2249

News Evolution 2.0 - Remote Code Execution via neurl Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-2249. PoCs published by frog.

AI-analyzed exploit summary This exploit leverages a file inclusion vulnerability in News Evolution's aff_news.php and export_news.php by manipulating the 'chemin' parameter to execute arbitrary commands or disclose sensitive files. The attack involves remote file inclusion (RFI) via HTTP requests to include malicious or sensitive files from an attacker-controlled server.

Description

PHP remote file inclusion vulnerability in News Evolution 2.0 allows remote attackers to execute arbitrary PHP commands via the neurl parameter to (1) backend.php, (2) screen.php, or (3) admin/modules/comment.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by frog · textwebappsphp

https://www.exploit-db.com/exploits/22048

View Code ZIP pw:eip

This exploit leverages a file inclusion vulnerability in News Evolution's aff_news.php and export_news.php by manipulating the 'chemin' parameter to execute arbitrary commands or disclose sensitive files. The attack involves remote file inclusion (RFI) via HTTP requests to include malicious or sensitive files from an attacker-controlled server.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: News Evolution (version not specified)

No auth needed

Prerequisites: Target server must have allow_url_fopen or allow_url_include enabled in PHP configuration · Attacker must be able to host malicious files on a remote server

MITRE ATT&CK

T1189 - Drive-by Compromise T1200 - Hardware Additions T1210 - Exploitation of Remote Services

devstral-2 · analyzed Feb 16, 2026 Full analysis →