CVE-2003-1436
Nukebrowser 2.1-2.5 - Remote Code Execution via filhead Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2003-1436. PoCs published by Havenard.
AI-analyzed exploit summary This exploit demonstrates a file inclusion vulnerability in Nukebrowser's nukebrowser.php script, allowing remote attackers to include arbitrary files from external servers via manipulated URI parameters. The PoC shows how an attacker can execute commands by pointing to a remote cmd.txt file.
Description
PHP remote file inclusion vulnerability in nukebrowser.php in Nukebrowser 2.1 to 2.5 allows remote attackers to execute arbitrary PHP code via the filhead parameter.
Exploits (1)
This exploit demonstrates a file inclusion vulnerability in Nukebrowser's nukebrowser.php script, allowing remote attackers to include arbitrary files from external servers via manipulated URI parameters. The PoC shows how an attacker can execute commands by pointing to a remote cmd.txt file.