CVE-2007-4235
VietPHP - Remote File Inclusion via dirpath or language Parameter
Title source: manualExploitation Summary
EIP tracks 3 public exploits for CVE-2007-4235. PoCs published by master-of-desastor.
AI-analyzed exploit summary The provided text describes a remote file-include vulnerability in VietPHP due to insufficient sanitization of user-supplied data. It includes a sample exploit URL but lacks actual exploit code or detailed technical steps.
Description
Multiple PHP remote file inclusion vulnerabilities in VietPHP allow remote attackers to execute arbitrary PHP code via a URL in (1) the dirpath parameter to (a) _functions.php, or (2) the language parameter to (b) admin/index.php or (c) index.php.
Exploits (3)
The provided text describes a remote file-include vulnerability in VietPHP due to insufficient sanitization of user-supplied data. It includes a sample exploit URL but lacks actual exploit code or detailed technical steps.
The provided text describes a remote file-include vulnerability in VietPHP due to insufficient sanitization of user-supplied data. It includes a basic example URL demonstrating the vulnerability but lacks executable exploit code.
The provided text describes a remote file-include vulnerability in VietPHP due to insufficient sanitization of user-supplied data. It includes a sample exploit URL but lacks actual exploit code or detailed technical steps.