CVE-2005-0689

The Includer - Remote Command Execution via Shell Metacharacters in URL or Template Parameter

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2005-0689. PoCs published by K-C0d3r, GreenwooD, Francisco Alisson.

AI-analyzed exploit summary This Perl script exploits a command injection vulnerability in Includer.cgi 1.0 by injecting arbitrary commands via the 'template' or direct query parameter. It establishes a socket connection to the target and sends a crafted HTTP GET request to execute the command.

Description

includer.cgi in The Includer allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the URL or (2) the template parameter.

Exploits (3)

exploitdb WORKING POC VERIFIED

by K-C0d3r · perlwebappscgi

https://www.exploit-db.com/exploits/923

View Code ZIP pw:eip

This Perl script exploits a command injection vulnerability in Includer.cgi 1.0 by injecting arbitrary commands via the 'template' or direct query parameter. It establishes a socket connection to the target and sends a crafted HTTP GET request to execute the command.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Includer.cgi 1.0

No auth needed

Prerequisites: Target must have Includer.cgi 1.0 installed and accessible · Network access to the target web server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by GreenwooD · perlwebappscgi

https://www.exploit-db.com/exploits/922

View Code ZIP pw:eip

This Perl script exploits CVE-2005-0689, a command injection vulnerability in The Includer CGI <= 1.0. It crafts an HTTP GET request with malicious input to execute arbitrary commands on the target system via the vulnerable 'includer.cgi' script.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: The Includer CGI <= 1.0

No auth needed

Prerequisites: Target must be running The Includer CGI <= 1.0 · Target must be accessible via HTTP

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Francisco Alisson · textwebappscgi

https://www.exploit-db.com/exploits/862

View Code ZIP pw:eip

This exploit demonstrates a command injection vulnerability in a CGI script (includer.cgi) where arbitrary commands can be executed via the 'template' parameter or directly in the URL. The vulnerability arises from improper input sanitization.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: includer.cgi (version unspecified)

No auth needed

Prerequisites: A vulnerable version of includer.cgi accessible via HTTP

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=111030957413411&w=2

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=111021730710779&w=2

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/12738

Scores

EPSS 0.0991

EPSS Percentile 95.0%

Details

Status published

Products (2)

jimmy/the_includer 1.0

jimmy/the_includer 1.1

Published Mar 07, 2005

Tracked Since Feb 18, 2026