CVE-2005-0513
pMachine Pro 2.4 - Remote File Inclusion via Email This Entry Add-on
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-0513. PoCs published by kc.
AI-analyzed exploit summary The exploit describes a remote file inclusion vulnerability in PMachine Pro's 'mail_autocheck.php' script, allowing arbitrary server-side script execution. The vulnerability is triggered by manipulating the 'pm_path' parameter to include malicious code from an attacker-controlled server.
Description
PHP remote file inclusion vulnerability in mail_autocheck.php in the Email This Entry add-on for pMachine Pro 2.4, and possibly other versions including pMachine Free, allows remote attackers to execute arbitrary PHP code by directly requesting mail_autocheck.php and modifying the pm_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2003-1086.
Exploits (1)
The exploit describes a remote file inclusion vulnerability in PMachine Pro's 'mail_autocheck.php' script, allowing arbitrary server-side script execution. The vulnerability is triggered by manipulating the 'pm_path' parameter to include malicious code from an attacker-controlled server.