CVE-2007-0178

Easy Banner Pro 2.8 - Remote File Inclusion via s[phppath] Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0178. PoCs published by rUnViRuS.

AI-analyzed exploit summary The provided text describes a remote file-include vulnerability in Easy Banner Pro 2.8 due to insufficient sanitization of user-supplied data. It includes a sample exploit URL but lacks executable code.

Description

PHP remote file inclusion vulnerability in info.php in Easy Banner Pro 2.8 allows remote attackers to execute arbitrary PHP code via a URL in the s[phppath] parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by rUnViRuS · textwebappsphp

https://www.exploit-db.com/exploits/29437

View Code ZIP pw:eip

The provided text describes a remote file-include vulnerability in Easy Banner Pro 2.8 due to insufficient sanitization of user-supplied data. It includes a sample exploit URL but lacks executable code.

Classification

Writeup 80%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: Easy Banner Pro 2.8

No auth needed

Prerequisites: Network access to the target application

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/31374

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/33455

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/2132

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/21967

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/456404/100/0/threaded

Scores

EPSS 0.0261

EPSS Percentile 83.4%

Details

Status published

Products (1)

php_web_scripts/easy_banner_pro 2.8

Published Jan 11, 2007

Tracked Since Feb 18, 2026