CVE-2004-2368

Opt-X 0.7.2 - RCE

Title source: llm

Description

PHP remote file inclusion vulnerability in header.php in Opt-X 0.7.2 allows remote attackers to execute arbitrary PHP code via the systempath parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Zone-h Security Team · textdosphp

https://www.exploit-db.com/exploits/23750

View Code ZIP pw:eip

References (4)

Core 4

Core References

Various Sources x_refsource_misc

http://www.zone-h.org/en/advisories/read/id=4036/

Patch, URL Repurposed x_refsource_confirm

http://www.opt-x.org/index.php

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/9732

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/15296

Scores

EPSS 0.0366

EPSS Percentile 87.9%

Details

Status published

Published Dec 31, 2004

Tracked Since Feb 18, 2026