CVE-2005-1681
php_advanced_transfer_manager 1.21 - Remote File Inclusion via include_location Parameter
Title source: manualExploitation Summary
EIP tracks 1 public exploit for CVE-2005-1681. PoCs published by Ingvar Gilbert.
AI-analyzed exploit summary The provided text describes a file inclusion vulnerability in PHP Advanced Transfer Manager due to unsanitized user input. It allows arbitrary server-side script execution via the 'include_location' parameter.
Description
PHP remote file inclusion vulnerability in common.php in phpATM 1.21, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the include_location parameter to index.php.
Exploits (1)
The provided text describes a file inclusion vulnerability in PHP Advanced Transfer Manager due to unsanitized user input. It allows arbitrary server-side script execution via the 'include_location' parameter.