CVE-2004-2053

EasyIns Stadtportal 4 - Remote File Inclusion via index.php site Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-2053. PoCs published by Francisco Alisson.

AI-analyzed exploit summary The provided text describes a file inclusion vulnerability in EasyIns Stadtportal version 4, where an attacker can include malicious files via the 'site' parameter in the URL. This is a remote file inclusion (RFI) vulnerability that could lead to arbitrary code execution.

Description

PHP remote file inclusion vulnerability in index.php in EasyIns Stadtportal 4 allows remote attackers to execute arbitrary PHP code via the site parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Francisco Alisson · textwebappsphp
https://www.exploit-db.com/exploits/24311

The provided text describes a file inclusion vulnerability in EasyIns Stadtportal version 4, where an attacker can include malicious files via the 'site' parameter in the URL. This is a remote file inclusion (RFI) vulnerability that could lead to arbitrary code execution.

Classification
Writeup 80%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target: EasyIns Stadtportal version 4
No auth needed
Prerequisites: Access to the vulnerable URL parameter
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16797
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=109069241512694&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/10795
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/8233
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1010769

Scores

EPSS 0.0281
EPSS Percentile 84.7%

Details

Status published
Products (1)
easyins/easyins stadtportal_4.0
Published Jul 24, 2004
Tracked Since Feb 18, 2026