Exploitation Summary
EIP tracks 1 public exploit for CVE-2004-0071. PoCs published by Cabezon Aurelien.
AI-analyzed exploit summary This exploit demonstrates an information disclosure vulnerability in Andy's PHP Projects Man Page Lookup script. By manipulating the 'command' parameter, an attacker can read arbitrary files on the server, such as '/etc/resolv.conf'.
Description
Directory traversal vulnerability in buildManPage in class.manpagelookup.php for PHP Man Page Lookup 1.2.0 allows remote attackers to read arbitrary files via the command parameter ($cmd variable) to index.php.
Exploits (1)
This exploit demonstrates an information disclosure vulnerability in Andy's PHP Projects Man Page Lookup script. By manipulating the 'command' parameter, an attacker can read arbitrary files on the server, such as '/etc/resolv.conf'.