CVE-2005-0632
PHPNews 1.2.4 - Remote File Inclusion via auth.php path Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-0632. PoCs published by mozako.
AI-analyzed exploit summary This exploit targets a remote file inclusion vulnerability in PHPNews 1.2.4 by injecting a malicious URL into the 'path' parameter of 'auth.php'. It leverages unsanitized user input to include and execute arbitrary remote PHP files.
Description
PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3, allows remote attackers to execute arbitrary PHP code via the path parameter.
Exploits (1)
This exploit targets a remote file inclusion vulnerability in PHPNews 1.2.4 by injecting a malicious URL into the 'path' parameter of 'auth.php'. It leverages unsanitized user input to include and execute arbitrary remote PHP files.