CVE-2005-0860
TRG News Script 3.0 - Remote File Inclusion via dir Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-0860. PoCs published by Frank_Reiner.
AI-analyzed exploit summary The provided text describes a remote file inclusion vulnerability in TRG News, where unsanitized user input allows attackers to include and execute remote PHP scripts. The example URL demonstrates the exploit vector.
Description
PHP remote file inclusion vulnerability in TRG News Script 3.0 allows remote attackers to execute arbitrary PHP code via the dir parameter to (1) article.php, (2) authorall.php, (3) comment.php, (4) display.php, or (5) displayall.php.
Exploits (1)
The provided text describes a remote file inclusion vulnerability in TRG News, where unsanitized user input allows attackers to include and execute remote PHP scripts. The example URL demonstrates the exploit vector.