CVE-2007-0987

Jupiter CMS <1.1.5 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0987. PoCs published by DarkFig.

AI-analyzed exploit summary This exploit demonstrates Local/Remote File Inclusion vulnerabilities in Jupiter CMS 1.1.5 due to improper filtering of the 'n' parameter in index.php. It allows attackers to include arbitrary local files (with magic_quotes_gpc=Off) or remote files (with PHP >= 5.0.0 and allow_url_fopen=On).

Description

Directory traversal vulnerability in index.php in Jupiter CMS 1.1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot), or an absolute pathname, in the n parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by DarkFig · textwebappsphp

https://www.exploit-db.com/exploits/3309

View Code ZIP pw:eip

This exploit demonstrates Local/Remote File Inclusion vulnerabilities in Jupiter CMS 1.1.5 due to improper filtering of the 'n' parameter in index.php. It allows attackers to include arbitrary local files (with magic_quotes_gpc=Off) or remote files (with PHP >= 5.0.0 and allow_url_fopen=On).

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Jupiter CMS 1.1.5

No auth needed

Prerequisites: magic_quotes_gpc=Off for LFI · PHP >= 5.0.0 and allow_url_fopen=On for RFI

MITRE ATT&CK