CVE-2007-3505
QuickTalk forum 1.3 - Directory Traversal via Lang Parameter
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2007-3505. PoCs published by Katatafish.
AI-analyzed exploit summary: This exploit demonstrates a Local File Inclusion (LFI) vulnerability in QuickTalk forum v1.3. The vulnerability arises from unsanitized user input in the 'lang' parameter, allowing directory traversal to read arbitrary files on the server.
Description
Multiple directory traversal vulnerabilities in QuickTalk forum 1.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) sequence in the lang parameter to (1) qtf_checkname.php, (2) qtf_j_birth.php, or (3) qtf_j_exists.php.