CVE-2007-0167

WGS-PPC - RCE

Title source: llm
STIX 2.1

Description

Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search Engine), as distributed with other aliases, allow remote attackers to execute arbitrary PHP code via a URL in the INC parameter in (1) config_admin.php, (2) config_main.php, (3) config_member.php, and (4) mysql_config.php in config/; (5) admin.php and (6) index.php in admini/; (7) paypalipn/ipnprocess.php; (8) index.php and (9) registration.php in members/; and (10) ppcbannerclick.php and (11) ppcclick.php in main/.

Exploits (1)

exploitdb WORKING POC VERIFIED
by IbnuSina · textwebappsphp
https://www.exploit-db.com/exploits/3104

References (17)

Core 17
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/3104
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/33449
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/33445
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2134
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/33447
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/33454
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21961
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/456386/100/0/threaded
Third Party Advisory mailing-list x_refsource_vim
http://www.attrition.org/pipermail/vim/2007-January/001221.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/33450
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/33444
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/33448
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/31355
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/33451
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/33452
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/33446
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/33453

Scores

EPSS 0.1493
EPSS Percentile 94.6%

Details

Status published
Products (2)
ppc_search_engine/ppc_search_engine 1.61
wgs-ppc/wgs-ppc
Published Jan 10, 2007
Tracked Since Feb 18, 2026