CVE-2007-4009
Parallels Confixx 2.0.12-3.3.1 - Remote Code Execution via thisdir Parameter
Exploitation Summary
EIP tracks 1 public exploit for CVE-2007-4009. PoCs published by H4 / XPK.
Description
PHP remote file inclusion vulnerability in admin/business_inc/saveserver.php in SWSoft Confixx Pro 2.0.12 through 3.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the thisdir parameter.
Exploits (1)
This exploit demonstrates a remote file inclusion vulnerability in Confixx PRO <= 3.3.1 caused by the undefined variable $thisdir in saveserver.php. An attacker can include arbitrary remote files and execute commands if allow_url_fopen is enabled and open_basedir is disabled.
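A log check for the request shape the description names (a URL in the thisdir parameter of admin/business_inc/saveserver.php), as an added example that is not from this entry or the vendor. The common/combined access-log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Script path taken from the CVE description.
TARGET = "admin/business_inc/saveserver.php"
# Any "scheme://" prefix: http, https, ftp and PHP stream wrappers alike.
SCHEME = re.compile(r"^\s*[a-z][a-z0-9+.\-]*://", re.I)
# Client, request target and status from a common/combined log line (assumed format).
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding so double-encoded values are still caught."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def find_thisdir_inclusion_attempts(lines):
    """Return (client, status, decoded thisdir value) for each suspicious request."""
    hits = []
    for line in lines:
        match = REQUEST.match(line)
        if not match:
            continue
        client, target, status = match.groups()
        parts = urlsplit(target)
        if not fully_decode(parts.path).lower().endswith(TARGET):
            continue
        # parse_qs decodes once; fully_decode handles any further encoding layers.
        for key, values in parse_qs(parts.query, keep_blank_values=True).items():
            if key != "thisdir":
                continue
            for value in map(fully_decode, values):
                if SCHEME.match(value):
                    hits.append((client, int(status), value))
    return hits

# Constructed sample log lines (documentation addresses and hostnames).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Jul/2007:10:01:02 +0200] "GET /confixx/admin/business_inc/saveserver.php?thisdir=http://example.invalid/x.txt HTTP/1.0" 200 512',
    '198.51.100.7 - - [12/Jul/2007:10:05:40 +0200] "GET /admin/business_inc/saveserver.php?thisdir=ftp%253A%252F%252Fexample.invalid%252Fx HTTP/1.1" 404 210',
    '192.0.2.44 - - [12/Jul/2007:10:09:13 +0200] "GET /confixx/admin/business_inc/saveserver.php?thisdir=/srv/confixx/admin HTTP/1.1" 200 1840',
    '192.0.2.45 - - [12/Jul/2007:10:11:00 +0200] "GET /index.php?next=http://example.invalid/ HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for hit in find_thisdir_inclusion_attempts(SAMPLE_LOG):
        print(hit)
```

Values sent in a POST body do not appear in access logs, so this check covers query-string delivery only.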