CVE-2007-1130

Sinapis Gastebuch 2.2 - Remote File Inclusion via fuss Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1130. PoCs published by kezzap66345.

AI-analyzed exploit summary This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Sinapis 2.2 Gastebuch via the 'fuss' parameter in sinagb.php. The vulnerability allows an attacker to include and execute arbitrary remote code by manipulating the 'fuss' parameter.

Description

PHP remote file inclusion vulnerability in sinagb.php in Sinapis Gastebuch 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the fuss parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by kezzap66345 · textwebappsphp

https://www.exploit-db.com/exploits/3366

View Code ZIP pw:eip

This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Sinapis 2.2 Gastebuch via the 'fuss' parameter in sinagb.php. The vulnerability allows an attacker to include and execute arbitrary remote code by manipulating the 'fuss' parameter.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Sinapis Gästebuch 2.2

No auth needed

Prerequisites: Remote file inclusion must be enabled on the target server · Attacker must have access to a remote shell or script to include

MITRE ATT&CK