Description
Multiple PHP remote file inclusion vulnerabilities in Harpia CMS 1.0.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) func_prog parameter to (a) preload.php and (b) index.php; (2) header_prog parameter to (c) missing.php and (d) email.php, (e) files.php, (f) headlines.php, (g) search.php, (h) topics.php, and (i) users.php in _mods/; (3) theme_root parameter to (j) footer.php, (k) header.php, (l) pfooter.php, and (m) pheader.php in _inc; (4) mod_root parameter to _inc/header.php; and the (5) mod_dir and (6) php_ext parameters to (n) _inc/web_statsConfig.php.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Kw3[R]Ln · textwebappsphp
https://www.exploit-db.com/exploits/1943
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/27308
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/1943
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/18614
Scores
EPSS
0.0534
EPSS Percentile
90.1%
Details
Status
published
Products (1)
harpia/harpia_cms
< 1.0.5
Published
Feb 15, 2007
Tracked Since
Feb 18, 2026