CVE-2005-4593

phpDocumentor 1.3.0 rc4 - Remote File Inclusion via FORUM[LIB] or root_dir Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-4593. PoCs published by rgod.

AI-analyzed exploit summary This PHP script exploits a remote command execution vulnerability in PhpDocumentor <= 1.3.0 rc4 by sending crafted HTTP requests to vulnerable endpoints. It includes two attack vectors and checks for a specific response to confirm exploitation.

Description

PHP remote file inclusion vulnerability in phpDocumentor 1.3.0 rc4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary code via a URL in the (1) FORUM[LIB] parameter in Documentation/tests/bug-559668.php and (2) the root_dir parameter in docbuilder/file_dialog.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · phpwebappsphp

https://www.exploit-db.com/exploits/1395

View Code ZIP pw:eip

This PHP script exploits a remote command execution vulnerability in PhpDocumentor <= 1.3.0 rc4 by sending crafted HTTP requests to vulnerable endpoints. It includes two attack vectors and checks for a specific response to confirm exploitation.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: PhpDocumentor <= 1.3.0 rc4

No auth needed

Prerequisites: Target must have PhpDocumentor <= 1.3.0 rc4 installed · Remote location must be prepared with specific code

MITRE ATT&CK