CVE-2007-2008

pl-php beta 0.9 - Directory Traversal via Lang Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2008. PoCs published by Omni.

AI-analyzed exploit summary This is a technical writeup detailing multiple vulnerabilities in pL-PHP beta 0.9, including SQL injection, admin access bypass via global variable manipulation, and local file inclusion. It includes code snippets and proof-of-concept examples.

Description

Directory traversal vulnerability in admin.php in pL-PHP beta 0.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Omni · textwebappsphp

https://www.exploit-db.com/exploits/3704

View Code ZIP pw:eip

This is a technical writeup detailing multiple vulnerabilities in pL-PHP beta 0.9, including SQL injection, admin access bypass via global variable manipulation, and local file inclusion. It includes code snippets and proof-of-concept examples.

Classification

Writeup 95%

Attack Type

Sqli | Auth Bypass | Info Leak

Complexity

Trivial

Reliability

Reliable

Target: pL-PHP beta 0.9

No auth needed

Prerequisites: Access to the login.php or admin.php endpoints

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1003 - OS Credential Dumping

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/465340/100/0/threaded

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/3704

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/1352

Scores

EPSS 0.0244

EPSS Percentile 82.2%

Details

Status published

Products (1)

pl-php/pl-php 0.9_beta

Published Apr 12, 2007

Tracked Since Feb 18, 2026