CVE-2007-3792

AzDG Dating Gold 3.0.5 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2007-3792. PoCs published by mostafa_ragab.

AI-analyzed exploit summary The provided text describes a remote file inclusion vulnerability in AzDG Dating Gold 3.0.5, where unsanitized user input allows arbitrary remote file execution. The example URL demonstrates how an attacker could include a malicious script via the 'int_path' parameter.

Description

Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter to (1) header.php, (2) footer.php, or (3) secure.admin.php in templates/.

Exploits (3)

exploitdb WRITEUP VERIFIED
by mostafa_ragab · textwebappsphp
https://www.exploit-db.com/exploits/30303

The provided text describes a remote file inclusion vulnerability in AzDG Dating Gold 3.0.5, where unsanitized user input allows arbitrary remote file execution. The example URL demonstrates how an attacker could include a malicious script via the 'int_path' parameter.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target: AzDG Dating Gold 3.0.5
No auth needed
Prerequisites: Network access to the target application · Ability to host a malicious file on a remote server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by mostafa_ragab · textwebappsphp
https://www.exploit-db.com/exploits/30301

The provided text describes a remote file inclusion vulnerability in AzDG Dating Gold 3.0.5, where unsanitized user input in the 'int_path' parameter allows arbitrary remote file execution. No actual exploit code is present, only a description and example URL.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target: AzDG Dating Gold 3.0.5
No auth needed
Prerequisites: Network access to the target application · Ability to host a malicious file on a remote server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by mostafa_ragab · textwebappsphp
https://www.exploit-db.com/exploits/30302

The provided text describes a remote file inclusion vulnerability in AzDG Dating Gold 3.0.5, where unsanitized user input allows arbitrary remote file execution. The example URL demonstrates how an attacker could exploit this to include a malicious script.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target: AzDG Dating Gold 3.0.5
No auth needed
Prerequisites: Access to the vulnerable endpoint · Remote file hosting with malicious script
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/36263
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/473664/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/36262
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35428
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2888
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24910
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/36264

Scores

EPSS 0.0527
EPSS Percentile 91.5%

Details

Status published
Products (1)
azerbaijan_development_group/azdgdating 3.0.5 gold
Published Jul 15, 2007
Tracked Since Feb 18, 2026