CVE-2007-0491

Sky GUNNING MySpeach <= 3.0.6 - Remote File Inclusion via my_ms[root] Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0491.

AI-analyzed exploit summary The exploit demonstrates a file inclusion vulnerability in MySpeach beta2.1 via the 'my[root]' parameter in 'up.php', allowing arbitrary code execution by manipulating the include path.

Description

PHP remote file inclusion vulnerability in up.php in Sky GUNNING MySpeach 3.0.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the my_ms[root] parameter, a different vector than CVE-2006-4630. NOTE: Some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC

webappsphp

https://www.exploit-db.com/exploits/3165

View Code ZIP pw:eip

The exploit demonstrates a file inclusion vulnerability in MySpeach beta2.1 via the 'my[root]' parameter in 'up.php', allowing arbitrary code execution by manipulating the include path.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: MySpeach beta2.1

No auth needed

Prerequisites: Target must have MySpeach beta2.1 installed · Remote file inclusion must be enabled

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/23850

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/0269

Scores

EPSS 0.0192

EPSS Percentile 77.2%

Details

Status published

Products (1)

sky_gunning/myspeach < 3.0.6

Published Jan 25, 2007

Tracked Since Feb 18, 2026