Exploitation Summary
EIP tracks 1 public exploit for CVE-2007-4908. PoCs published by k1tk4t.
AI-analyzed exploit summary
This exploit demonstrates a remote file attachment vulnerability in AuraCMS 2.1, allowing arbitrary file uploads to the '/files/' directory, and a local file inclusion vulnerability due to improper input validation in 'index.php'. The PoC includes steps to upload a shell and access sensitive files via path traversal.
Description
Directory traversal vulnerability in index.php in AuraCMS 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pilih parameter.