CVE-2007-2262

Sinato jmuffin - Remote Code Execution via relPath or folder Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2262. PoCs published by InyeXion.

AI-analyzed exploit summary The provided text describes a remote file inclusion vulnerability in File117, where unsanitized user input in the 'relPath' and 'folder' parameters can lead to arbitrary file inclusion. No actual exploit code is present, only a description and example URLs.

Description

Multiple PHP remote file inclusion vulnerabilities in html/php/detail.php in Sinato jmuffin allow remote attackers to execute arbitrary PHP code via a URL in the (1) relPath and (2) folder parameters. NOTE: this product was originally reported as "File117".

Exploits (1)

exploitdb WRITEUP VERIFIED

by InyeXion · textwebappsphp

https://www.exploit-db.com/exploits/29880

View Code ZIP pw:eip

The provided text describes a remote file inclusion vulnerability in File117, where unsanitized user input in the 'relPath' and 'folder' parameters can lead to arbitrary file inclusion. No actual exploit code is present, only a description and example URLs.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: File117

No auth needed

Prerequisites: Access to the vulnerable application · Ability to craft malicious URLs

MITRE ATT&CK