CVE-2007-0637

Galeria Zdjec < 3.0 - Remote File Inclusion via Galeria Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0637. PoCs published by ajann.

AI-analyzed exploit summary This exploit targets a Local File Include (LFI) vulnerability in Galeria Zdjec <= v3.0 via the 'zd_numer.php' script. It injects malicious PHP code into Apache log files and then includes the log file to execute arbitrary commands.

Description

Directory traversal vulnerability in zd_numer.php in Galeria Zdjec 3.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the galeria parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by zd_numer.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by ajann · perlwebappsphp

https://www.exploit-db.com/exploits/3225

View Code ZIP pw:eip

This exploit targets a Local File Include (LFI) vulnerability in Galeria Zdjec <= v3.0 via the 'zd_numer.php' script. It injects malicious PHP code into Apache log files and then includes the log file to execute arbitrary commands.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Galeria Zdjec <= v3.0

No auth needed

Prerequisites: Target must be running Galeria Zdjec <= v3.0 · Apache log files must be writable and accessible via LFI

MITRE ATT&CK