CVE-2007-1851

Really Simple PHP and Ajax 2007-03-23 - Remote File Inclusion via __class Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1851. PoCs published by Hamid Ebadi.

AI-analyzed exploit summary This exploit demonstrates a remote file inclusion vulnerability in RSPA (Really Simple PHP and Ajax) due to improper input validation in the '__IncludeFilePHPClass', '__ClassPath', and '__class' parameters. Attackers can include arbitrary PHP files from local or external resources, leading to remote code execution.

Description

Multiple directory traversal vulnerabilities in Really Simple PHP and Ajax (RSPA) 2007-03-23 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the __class parameter to (1) Controller_v4.php or (2) Controller_v5.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Hamid Ebadi · textwebappsphp

https://www.exploit-db.com/exploits/3641

View Code ZIP pw:eip

This exploit demonstrates a remote file inclusion vulnerability in RSPA (Really Simple PHP and Ajax) due to improper input validation in the '__IncludeFilePHPClass', '__ClassPath', and '__class' parameters. Attackers can include arbitrary PHP files from local or external resources, leading to remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: RSPA (Really Simple PHP and Ajax) version rspa-2007-03-23

No auth needed

Prerequisites: Network access to the vulnerable RSPA application · Ability to host a malicious PHP file on an external server

MITRE ATT&CK