CVE-2005-2412

PHP FirstPost - RCE

Title source: llm

Description

PHP remote file inclusion vulnerability in block.php in PHP FirstPost allows remote attackers to execute arbitrary PHP code via the Include parameter.

Exploits (1)

exploitdb WORKING POC

htmlwebappsphp

https://www.exploit-db.com/exploits/3906

View Code ZIP pw:eip

References (5)

[Mailing List] http://marc.info/?l=bugtraq&m=112230599222543&w=2

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/21513

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/14371

[Third Party Advisory, VDB Entry] http://www.osvdb.org/18394

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1014563

Scores

EPSS 0.0320

EPSS Percentile 87.0%

Details

Status published

Products (1)

php_firstpost/php_firstpost

Published Aug 03, 2005

Tracked Since Feb 18, 2026