CVE-2007-4328

Mapos Bilder Galerie - Remote Code Execution via config[root_ordner] Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4328. PoCs published by Rizgar.

AI-analyzed exploit summary This exploit demonstrates a remote file inclusion vulnerability in Bilder Galerie 1.0 by injecting a malicious URL into the 'config[root_ordner]' parameter, allowing arbitrary command execution via remote file inclusion.

Description

Multiple PHP remote file inclusion vulnerabilities in Mapos Bilder Galerie 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) galerie.php, or (3) anzagien.php. NOTE: A later report states that 1.1 is also affected, but that the filename for vector 3 is anzeigen.php.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Rizgar · textwebappsphp

https://www.exploit-db.com/exploits/30480

View Code ZIP pw:eip

This exploit demonstrates a remote file inclusion vulnerability in Bilder Galerie 1.0 by injecting a malicious URL into the 'config[root_ordner]' parameter, allowing arbitrary command execution via remote file inclusion.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Bilder Galerie 1.0

No auth needed

Prerequisites: Target application must be running Bilder Galerie 1.0 · Remote file inclusion must be enabled on the server

MITRE ATT&CK