CVE-2007-2743

GlossWord 1.8.1 - Remote File Inclusion via sys[path_addon] Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2743. PoCs published by BeyazKurt.

AI-analyzed exploit summary This exploit targets a file inclusion vulnerability in GlossWord v1.8 by manipulating the `sys[path_addon]` parameter to include arbitrary PHP files, leading to remote code execution (RCE). The PoC demonstrates the vulnerability by including a malicious file via the `custom_vars.php` script.

Description

PHP remote file inclusion vulnerability in custom_vars.php in GlossWord 1.8.1 allows remote attackers to execute arbitrary PHP code via a URL in the sys[path_addon] parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by BeyazKurt · textwebappsphp

https://www.exploit-db.com/exploits/3935

View Code ZIP pw:eip

This exploit targets a file inclusion vulnerability in GlossWord v1.8 by manipulating the `sys[path_addon]` parameter to include arbitrary PHP files, leading to remote code execution (RCE). The PoC demonstrates the vulnerability by including a malicious file via the `custom_vars.php` script.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: GlossWord v1.8

No auth needed

Prerequisites: Access to the vulnerable endpoint · Ability to host or reference a malicious PHP file

MITRE ATT&CK