CVE-2007-3432

Pluxml 0.3.1 - Unauthenticated Arbitrary File Upload via admin/images.php

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3432. PoCs published by DarkFig.

AI-analyzed exploit summary This exploit targets a remote code execution vulnerability in Pluxml 0.3.1 by leveraging an XSS flaw to steal admin session cookies and then uploading a malicious JPG file containing PHP shellcode. It establishes a reverse shell by binding to a specified IP and port.

Description

Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote attackers to upload and execute arbitrary PHP code via a .jpg filename.

Exploits (1)

exploitdb WORKING POC VERIFIED
by DarkFig · phpwebappsphp
https://www.exploit-db.com/exploits/4096

This exploit targets a remote code execution vulnerability in Pluxml 0.3.1 by leveraging an XSS flaw to steal admin session cookies and then uploading a malicious JPG file containing PHP shellcode. It establishes a reverse shell by binding to a specified IP and port.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Pluxml 0.3.1
No auth needed
Prerequisites: Victim must click on a crafted URL · Network access to the target Pluxml installation
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/472205/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/42420
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4096
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35016

Scores

EPSS 0.0818
EPSS Percentile 94.1%

Details

Status published
Products (1)
pluxml/pluxml 0.3.1
Published Jun 27, 2007
Tracked Since Feb 18, 2026