CVE-2005-0698

PHPWebLog <= 0.5.3 - Remote File Inclusion via G_PATH or PATH Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0698. PoCs published by Filip Groszynski.

AI-analyzed exploit summary This exploit leverages PHP's register_globals and allow_url_fopen settings to include remote files via manipulated G_PATH and PATH parameters in init.inc.php and index.php, leading to arbitrary code execution.

Description

PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) G_PATH parameter to init.inc.php or the (2) PATH parameter to index.php to reference a URL on a remote web server that contains the code.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Filip Groszynski · textwebappsphp
https://www.exploit-db.com/exploits/864

This exploit leverages PHP's register_globals and allow_url_fopen settings to include remote files via manipulated G_PATH and PATH parameters in init.inc.php and index.php, leading to arbitrary code execution.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: PHP applications with vulnerable include paths (e.g., certain CMS or web applications)
No auth needed
Prerequisites: register_globals=on · allow_url_fopen=on · vulnerable include path in target application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/12747
Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/392552

Scores

EPSS 0.0807
EPSS Percentile 94.1%

Details

Status published
Products (5)
jason_hines/phpweblog 0.4.2
jason_hines/phpweblog 0.5
jason_hines/phpweblog 0.5.1
jason_hines/phpweblog 0.5.2
jason_hines/phpweblog 0.5.3
Published Mar 07, 2005
Tracked Since Feb 18, 2026