CVE-2007-5015

Streamline PHP Media Server 1.0-beta4 - Remote Code Execution via sl_theme_unix_path Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-5015. PoCs published by BiNgZa.

AI-analyzed exploit summary This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Streamline CMS 1.0-beta4. The vulnerable parameter `sl_theme_unix_path` allows an attacker to include arbitrary remote files, potentially leading to remote code execution if `register_globals` is enabled.

Description

Multiple PHP remote file inclusion vulnerabilities in Streamline PHP Media Server 1.0-beta4 allow remote attackers to execute arbitrary PHP code via a URL in the sl_theme_unix_path parameter to (1) admin_footer.php, (2) info_footer.php, (3) theme_footer.php, (4) browse_footer.php, (5) account_footer.php, or (6) search_footer.php in core/theme/includes/. NOTE: the vulnerability is present only when the administrator does not follow installation instructions about the requirement for .htaccess Limit support.

Exploits (1)

exploitdb WORKING POC VERIFIED

by BiNgZa · textwebappsphp

https://www.exploit-db.com/exploits/4430

View Code ZIP pw:eip

This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in Streamline CMS 1.0-beta4. The vulnerable parameter `sl_theme_unix_path` allows an attacker to include arbitrary remote files, potentially leading to remote code execution if `register_globals` is enabled.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Streamline CMS 1.0-beta4

No auth needed

Prerequisites: PHP `register_globals` enabled · Remote file inclusion allowed by server configuration

MITRE ATT&CK