CVE-2007-2530

Tropicalm Crowell Resource <4.5.2 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2530. PoCs published by kezzap66345.

AI-analyzed exploit summary This is a writeup detailing a Remote File Inclusion (RFI) vulnerability in Tropicalm Crowell Resource v4.5.2. It provides examples of exploitable parameters and paths but does not include functional exploit code.

Description

Multiple PHP remote file inclusion vulnerabilities in Tropicalm Crowell Resource 4.5.2 allow remote attackers to execute arbitrary PHP code via a URL in the RESPATH parameter to (1) dosearch.php or (2) printfriendly.php.

Exploits (1)

exploitdb WRITEUP VERIFIED

by kezzap66345 · textwebappsphp

https://www.exploit-db.com/exploits/3865

View Code ZIP pw:eip

This is a writeup detailing a Remote File Inclusion (RFI) vulnerability in Tropicalm Crowell Resource v4.5.2. It provides examples of exploitable parameters and paths but does not include functional exploit code.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: Tropicalm Crowell Resource v4.5.2

No auth needed

Prerequisites: A vulnerable version of Tropicalm Crowell Resource · Remote file inclusion must be enabled on the server

MITRE ATT&CK