CVE-2007-1446

Danny HO Oes - Code Injection

Title source: rule

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1446. PoCs published by K-159.

AI-analyzed exploit summary This is a writeup detailing a remote file inclusion vulnerability in Open Educational System (OES) 0.1beta. The vulnerability arises from unsanitized variables in multiple PHP files, allowing remote code execution when register_globals and allow_fopenurl are enabled.

Description

Multiple PHP remote file inclusion vulnerabilities in Open Education System (OES) 0.1beta allow remote attackers to execute arbitrary PHP code via a URL in the CONF_INCLUDE_PATH parameter to (1) lib-account.inc.php, (2) lib-file.inc.php, (3) lib-group.inc.php, (4) lib-log.inc.php, (5) lib-mydb.inc.php, (6) lib-template-mod.inc.php, and (7) lib-themes.inc.php in includes/.

Exploits (1)

exploitdb WRITEUP VERIFIED

by K-159 · textwebappsphp

https://www.exploit-db.com/exploits/3465

View Code ZIP pw:eip

This is a writeup detailing a remote file inclusion vulnerability in Open Educational System (OES) 0.1beta. The vulnerability arises from unsanitized variables in multiple PHP files, allowing remote code execution when register_globals and allow_fopenurl are enabled.

Classification

Writeup 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Open Educational System (OES) 0.1beta

No auth needed

Prerequisites: register_globals=on · allow_fopenurl=on

MITRE ATT&CK