CVE-2007-1906
eCardMAX HotEditor 4.0 - Local File Inclusion via richedit/keyboard.php Parameter
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2007-1906. PoCs published by Liz0ziM.
AI-analyzed exploit summary
This exploit targets a local file inclusion vulnerability in eCardMAX HotEditor 4.0, allowing unauthorized file access and script execution. The PoC sends a crafted request to 'keyboard.php' with a malicious 'first' parameter to include arbitrary files.
Description
Directory traversal vulnerability in richedit/keyboard.php in eCardMAX HotEditor (Hot Editor) 4.0, and the HotEditor plugin for MyBB, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the first parameter.