CVE-2005-0513

pMachine Pro 2.4 - Remote File Inclusion via Email This Entry Add-on

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0513. PoCs published by kc.

AI-analyzed exploit summary The exploit describes a remote file inclusion vulnerability in PMachine Pro's 'mail_autocheck.php' script, allowing arbitrary server-side script execution. The vulnerability is triggered by manipulating the 'pm_path' parameter to include malicious code from an attacker-controlled server.

Description

PHP remote file inclusion vulnerability in mail_autocheck.php in the Email This Entry add-on for pMachine Pro 2.4, and possibly other versions including pMachine Free, allows remote attackers to execute arbitrary PHP code by directly requesting mail_autocheck.php and modifying the pm_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2003-1086.

Exploits (1)

exploitdb WRITEUP VERIFIED
by kc · textwebappsphp
https://www.exploit-db.com/exploits/25127

The exploit describes a remote file inclusion vulnerability in PMachine Pro's 'mail_autocheck.php' script, allowing arbitrary server-side script execution. The vulnerability is triggered by manipulating the 'pm_path' parameter to include malicious code from an attacker-controlled server.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target: PMachine Pro 2.4
No auth needed
Prerequisites: Network access to the target server · PMachine Pro installation with vulnerable 'mail_autocheck.php' script
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/12597
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/15473
Mailing List mailing-list x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=110883604531802&w=2

Scores

EPSS 0.0633
EPSS Percentile 92.8%

Details

Status published
Products (1)
pmachine/pmachine_pro 2.4
Published Feb 19, 2005
Tracked Since Feb 18, 2026