CVE-2007-3535

GL-SH Deaf Forum < 6.4.4 - Remote File Inclusion via Directory Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-3535. PoCs published by BugReport.IR, Katatafish.

AI-analyzed exploit summary This is a vulnerability writeup for CVE-2007-3535, detailing multiple vulnerabilities in GL-SH Deaf Forum <=6.5.5, including LFI, unrestricted file upload, and XSS. It provides exploit URLs and POCs but does not contain executable exploit code.

Description

Multiple directory traversal vulnerabilities in GL-SH Deaf Forum 6.4.4 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) FORUM_LANGUAGE parameter to functions.php or the (2) style parameter to bottom.php.

Exploits (2)

exploitdb WRITEUP VERIFIED
by BugReport.IR · textwebappsphp
https://www.exploit-db.com/exploits/5870

This is a vulnerability writeup for CVE-2007-3535, detailing multiple vulnerabilities in GL-SH Deaf Forum <=6.5.5, including LFI, unrestricted file upload, and XSS. It provides exploit URLs and POCs but does not contain executable exploit code.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: GL-SH Deaf Forum <=6.5.5
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Katatafish · textwebappsphp
https://www.exploit-db.com/exploits/4124

This exploit demonstrates a local file inclusion (LFI) vulnerability in GL-SH Deaf Board versions <= 6.4.4. It allows an attacker to read arbitrary files on the server by manipulating the FORUM_LANGUAGE and style parameters.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: GL-SH Deaf Board <= 6.4.4
No auth needed
Prerequisites: Target application must be accessible · Vulnerable version of GL-SH Deaf Board must be running
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25893
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35160
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4124
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/37111
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/37110

Scores

EPSS 0.0264
EPSS Percentile 83.6%

Details

Status published
Products (1)
frank_karau/gl-sh_deaf_forum < 6.4.4
Published Jul 03, 2007
Tracked Since Feb 18, 2026