CVE-2007-3425
phpTrafficA < 1.4.2 - Directory Traversal via Lang Parameter
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2007-3425. PoCs published by laurent gaffié.
AI-analyzed exploit summary: SQL injection exploit for phpTrafficA <= 1.4.2 via the 'pageid' parameter, allowing arbitrary SQL queries and file disclosure via LOAD_FILE. Also mentions XSS and directory traversal via the 'lang' parameter.
Description
Directory traversal vulnerability in index.php in phpTrafficA 1.4.2 and earlier allows remote attackers to include arbitrary local files via the lang parameter, a different vector and version than CVE-2007-1076.2.
Exploits (1)
SQL injection exploit for phpTrafficA <= 1.4.2 via the 'pageid' parameter, allowing arbitrary SQL queries and file disclosure via LOAD_FILE. Also mentions XSS and directory traversal via the 'lang' parameter.