CVE-2007-1636

RoseOnlineCMS 3 B1 - Directory Traversal via op Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1636. PoCs published by GoLd_M.

AI-analyzed exploit summary This exploit targets a Local File Inclusion (LFI) vulnerability in RoseOnlineCMS v3 B1 by injecting malicious code into Apache log files and then including them via the 'op' parameter. It provides a shell-like interface to execute commands on the target system.

Description

Directory traversal vulnerability in index.php in RoseOnlineCMS 3 B1 allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the op parameter, as demonstrated by injecting PHP code into Apache log files via the URL and User-Agent HTTP header.

Exploits (1)

exploitdb WORKING POC VERIFIED

by GoLd_M · perlwebappsphp

https://www.exploit-db.com/exploits/3548

View Code ZIP pw:eip

This exploit targets a Local File Inclusion (LFI) vulnerability in RoseOnlineCMS v3 B1 by injecting malicious code into Apache log files and then including them via the 'op' parameter. It provides a shell-like interface to execute commands on the target system.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: RoseOnlineCMS v3 B1

No auth needed

Prerequisites: Target must be running RoseOnlineCMS v3 B1 · Apache log files must be writable and accessible via LFI

MITRE ATT&CK