CVE-2007-4486

Linkliste 1.2 - Remote File Inclusion via styl[top], url_eintrag, or styl[themen] Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4486. PoCs published by iNs.

AI-analyzed exploit summary The provided text describes a remote file inclusion vulnerability in Linkliste 1.2, where insufficient sanitization of user-supplied data allows an attacker to include arbitrary files. The example URL demonstrates the vulnerability but lacks executable exploit code.

Description

Multiple PHP remote file inclusion vulnerabilities in index.php in Linkliste 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) styl[top], (2) url_eintrag, or (3) styl[themen] parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by iNs · textwebappsphp

https://www.exploit-db.com/exploits/30663

View Code ZIP pw:eip

The provided text describes a remote file inclusion vulnerability in Linkliste 1.2, where insufficient sanitization of user-supplied data allows an attacker to include arbitrary files. The example URL demonstrates the vulnerability but lacks executable exploit code.

Classification

Writeup 80%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: Linkliste 1.2

No auth needed

Prerequisites: A vulnerable version of Linkliste · Ability to send crafted HTTP requests to the target

MITRE ATT&CK