Exploitation Summary
EIP tracks 1 public exploit for CVE-2007-2780. PoCs published by kefka.
AI-analyzed exploit summary The exploit describes a path-disclosure vulnerability in PsychoStats 3.0.6b and prior versions. By submitting invalid data via the 'newtheme' parameter, an attacker can disclose sensitive path information.
Description
PsychoStats 3.0.6b and earlier allows remote attackers to obtain sensitive information via a request for server.php with a missing or invalid newtheme parameter, which reveals a path in an error message.
Exploits (1)
The exploit describes a path-disclosure vulnerability in PsychoStats 3.0.6b and prior versions. By submitting invalid data via the 'newtheme' parameter, an attacker can disclose sensitive path information.