CVE-2005-2733

Simple PHP Blog - Remote Code Execution via Unrestricted File Upload

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2005-2733. PoCs published by Metasploit, including Metasploit module exploits/unix/webapp/sphpblog_file_upload.

AI-analyzed exploit summary This Metasploit module exploits CVE-2005-2733 in Simple PHP Blog <= 0.4.0 by combining three vulnerabilities: unauthenticated access to password hashes, arbitrary file upload via image upload functionality, and arbitrary file deletion via comment functionality. It uploads a PHP payload to achieve remote command execution.

Description

upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubywebappsphp
https://www.exploit-db.com/exploits/16883

This Metasploit module exploits CVE-2005-2733 in Simple PHP Blog <= 0.4.0 by combining three vulnerabilities: unauthenticated access to password hashes, arbitrary file upload via image upload functionality, and arbitrary file deletion via comment functionality. It uploads a PHP payload to achieve remote command execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Simple PHP Blog <= 0.4.0
No auth needed
Prerequisites: Target must be running Simple PHP Blog <= 0.4.0 · Network access to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
perlwebappsphp
https://www.exploit-db.com/exploits/1191

This Perl script exploits multiple vulnerabilities in SimplePHPBlog v0.4.0, including arbitrary file upload, password hash retrieval, and file deletion. It demonstrates a full exploit chain to achieve remote command execution via uploaded PHP files.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: SimplePHPBlog v0.4.0
No auth needed
Prerequisites: Network access to the target · SimplePHPBlog v0.4.0 installed
devstral-2 · analyzed Feb 19, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
rubypocphp
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/sphpblog_file_upload.rb

This Metasploit module exploits three vulnerabilities in Simple PHP Blog <= 0.4.0: unauthenticated access to password hashes, arbitrary file upload via image upload functionality, and arbitrary file deletion via comment functionality. It chains these to achieve remote command execution by uploading a malicious PHP script.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Simple PHP Blog <= 0.4.0
No auth needed
Prerequisites: Network access to the target · Simple PHP Blog <= 0.4.0 installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=112511159821143&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/22012
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/14667
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16598/

Scores

EPSS 0.7994
EPSS Percentile 99.1%

Details

Status published
Products (1)
alexander_palmo/simple_php_blog 0.4.0
Published Aug 30, 2005
Tracked Since Feb 18, 2026